shrinke.me Open in urlscan Pro
2606:4700:3035::ac43:9770 Public Scan

URL: https://shrinkme.io/payout-rates
Title: Payout Rates

URL: https://shrinkme.io/pages/payment-proof
Title: Payment Proof

URL: https://blog.shrinkme.io/
Title: Blog

URL: https://shrinkme.io/auth/signin
Title: Login

URL: https://shrinkme.io/auth/signup
Title: Register

URL: https://shrinkme.io/pages/privacy
Title: Privacy Policy

URL: https://shrinkme.io/pages/terms
Title: Terms of Use

URL: https://shrinkme.io/pages/faq
Title: F.A.Q

URL: https://forms.gle/PSzDDwcQLJCjL8V8A
Title: ABUSE/DMCA

URL: https://www.facebook.com/shrinkme.io

URL: https://t.me/shrinkme_io

URL: https://valueimpression.com/?ref=shrinke.me

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://media.vlitag.com/vid/?id=TV1MKMdUJ3Y&t=y HTTP 302
https://redirector.googlevideo.com/videoplayback?expire=1619373396&ei=81iFYPn6Opn2hwbFypqoDA&ip=193.56.74.18&id=o-ADH2BJX_NFWZW_uSvNuD6hrO4Qehr69lkFQnAXD4lu2h&itag=22&source=youtube&requiressl=yes&mh=qk&mm=31%2C29&mn=sn-8xgp1vo-ab5e%2Csn-ab5szn7e&ms=au%2Crdu&mv=u&mvi=4&pl=24&vprv=1&mime=video%2Fmp4&ns=AIluszUNYDWJHFBGkSR772IF&cnr=14&ratebypass=yes&dur=347.881&lmt=1543416986231159&mt=1619351212&fvip=4&fexp=24001373%2C24007246&c=WEB&txp=5532432&n=YQxYregHPbdmerqUwy&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgZJ_jVxR9QBSYBGGHrgBQRQ057J99XVV6UfOqaa89GhMCIQDJZVUTm3SLDD2RTROCuxu6LrE1WAJWXj13iM7q1X_FUA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAL1GzBRpctNbCZRqNHjtVafUa8ctfduavzecFVzu8At0AiBPSWobv6G8iY4k0ppFezKf-ZfYmlLmL5ksy5k2_5xTtg%3D%3D HTTP 302
https://r4---sn-4g5e6nez.googlevideo.com/videoplayback?expire=1619373396&ei=81iFYPn6Opn2hwbFypqoDA&ip=193.56.74.18&id=o-ADH2BJX_NFWZW_uSvNuD6hrO4Qehr69lkFQnAXD4lu2h&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=AIluszUNYDWJHFBGkSR772IF&cnr=14&ratebypass=yes&dur=347.881&lmt=1543416986231159&fvip=4&fexp=24001373%2C24007246&c=WEB&txp=5532432&n=YQxYregHPbdmerqUwy&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgZJ_jVxR9QBSYBGGHrgBQRQ057J99XVV6UfOqaa89GhMCIQDJZVUTm3SLDD2RTROCuxu6LrE1WAJWXj13iM7q1X_FUA%3D%3D&cms_redirect=yes&mh=qk&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6nez&ms=au&mt=1619360200&mv=m&mvi=4&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgV1kRhiJriTpRkJZbO-LbGqXTGxKRV3gAxKjXfKg7fpYCIDzSPaa2WhEPZB7qASq3f-X3_zZPbmbhj0yKNyzcyCXE

Request Chain 144

https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?rnd=0.13504013089413158&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&r=pbjs&pbv=4.36.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.13504013089413158&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&r=pbjs&pbv=4.36.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&gdpr=1&gdprcs=

Request Chain 160

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6955100460957169805

Request Chain 161

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBOTVFN0JDdllBQUNuNnVRLTgtZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA95E7BCvYAACn6uQ-8-g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID

Request Chain 163

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GNGLaQ9Bjpt9bqeCQaVOWs3d

Request Chain 164

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4092331111 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4092331111 HTTP 302
https://sync.1rx.io/usersync/tradedesk/52709101-6493-4390-8395-6b3dad330a0c HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003

Request Chain 166

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 167

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=AmeLL9b3y1kv&pid=557219

Request Chain 168

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3ccae2d8-3681-4e9d-9106-c1c0ca321477-tuct77f0087&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lXzuiXQCTIyBpqaj8LyNFg%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lXzuiXQCTIyBpqaj8LyNFg%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 172

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 173

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&addseg=21

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTU3Q0VFODktNzQwMi00QzhDLTgxQTYtQTZBM0YwQkM4RDE2&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTU3Q0VFODktNzQwMi00QzhDLTgxQTYtQTZBM0YwQkM4RDE2&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEboTP4qheG0fa8Sc3cNjKI&google_cver=1

Request Chain 177

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=52709101-6493-4390-8395-6b3dad330a0c

Request Chain 178

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5912255990128083827

Request Chain 179

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2b916085-7b09-4f00-8718-f43fb5875f90&gdpr=0&gdpr_consent=

Request Chain 180

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4372523012132661581&gdpr=0&gdpr_consent=

Request Chain 182

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-tZlYEbhE2uXghP9XTDjCer9RbG7WqgA-~A&gdpr=0&gdpr_consent=

Request Chain 183

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ums.acuityplatform.com/bum?tpid=29&uid=4270a6dd-24ab-49c4-b828-fabdea5b287d&bidswitch_ssp_id=pubmatic

Request Chain 184

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD

Request Chain 185

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3390226349094122265&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 186

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YIV7BgAAcHNz9AAC HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIV7BgAAcHNz9AAC&gdpr=0&gdpr_consent=&_test=YIV7BgAAcHNz9AAC

Request Chain 187

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fc01e25a-24e2-4353-a7fc-4bcd18f341af&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 188

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 190

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4372523012132661581

Request Chain 191

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_18fef936-3833-4b35-b9b4-775525238483

Request Chain 199

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4372523012132661581

Request Chain 201

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-hKPeDsFE2uEcFS3YgGs_vLU5Wa0rNHFMgLz8jj8-~A

Request Chain 202

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 302
https://prebid.a-mo.net/cchain/0?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=4372523012132661581 HTTP 302
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://prebid.a-mo.net/cchain/1?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=a01746c17bf450a20a175419 HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D&C=1 HTTP 302
https://prebid.a-mo.net/cchain/2?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YIV7BiHkCnaPmZUel-IbcwAA%261187 HTTP 302
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=55b0e06f-8320-4449-8f62-c63ee125d7c7

Request Chain 203

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c5c96a32e47fba34d89ee951

Request Chain 204

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=5dd0cd97-84ae-5273-93eb-ac5bf36ed75c

Request Chain 205

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c2a3a022-b19b-42d5-8a2c-49ac6dfc0275

Request Chain 206

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4372523012132661581

Request Chain 207

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9c209138-a5d1-11eb-8f93-0282db67f25c

Request Chain 210

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

Request Chain 213

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9c265db0-a5d1-11eb-91cc-065e13ec10f6

Request Chain 214

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4372523012132661581

Request Chain 216

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-IQFaA19E2uExSY29frFUoV8FRDqJXVU_EKGFwKk-~A

Request Chain 217

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 302
https://prebid.a-mo.net/cchain/0?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=4372523012132661581 HTTP 302
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://prebid.a-mo.net/cchain/1?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=8e228991395c0129856b6dcc HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D&C=1 HTTP 302
https://prebid.a-mo.net/cchain/2?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YIV7Bqj1vbMnkRWo6qyi6QAA%261114 HTTP 302
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=55b0e06f-8320-4449-8f62-c63ee125d7c7

Request Chain 218

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2853452bcc33cd95f9822134

Request Chain 219

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=5dd0cd97-84ae-5273-93eb-ac5bf36ed75c

Request Chain 220

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=f8e73af5-692a-4a2e-bb40-d5926831adcc

Request Chain 221

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4372523012132661581

Request Chain 224

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

Request Chain 227

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4372523012132661581

Request Chain 228

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=b0c6ff2a89e53e574c62ba3f

Request Chain 229

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=5dd0cd97-84ae-5273-93eb-ac5bf36ed75c

Request Chain 230

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c1ed60fc-5166-485d-9f51-caf10924a631

Request Chain 231

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4372523012132661581

Request Chain 232

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9c209138-a5d1-11eb-8f93-0282db67f25c

Request Chain 234

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rPPZkL9E2uEkRU6P7kM63wuDNHjARV5dnfI7my0-~A

Request Chain 235

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 302
https://prebid.a-mo.net/cchain/0?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=4372523012132661581 HTTP 302
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://prebid.a-mo.net/cchain/1?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=520878f1bb8ab3a6d6daabbc HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D&C=1 HTTP 302
https://prebid.a-mo.net/cchain/2?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YIV7Bqj1vbMnkRWo6qyi7AAA%261164 HTTP 302
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=55b0e06f-8320-4449-8f62-c63ee125d7c7

Request Chain 237

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEJsMOJXGiFyp5RHMSVRNTXM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361

Request Chain 247

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D45bc044f-7254-4c4c-5294-d0f744d04a72%26reqId%3De79a4176-a9ec-4672-40d5-82edb2bfd25a%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D45bc044f-7254-4c4c-5294-d0f744d04a72%26reqId%3De79a4176-a9ec-4672-40d5-82edb2bfd25a%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=990101a1-a5d1-11eb-8bc2-8ec3c4e339da&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361

Request Chain 249

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D45bc044f-7254-4c4c-5294-d0f744d04a72%26reqId%3De79a4176-a9ec-4672-40d5-82edb2bfd25a%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=52709101-6493-4390-8395-6b3dad330a0c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361

Request Chain 253

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=df0d52c0-3a2e-48b6-9b88-c28664b9463f&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 254

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=45bc044f-7254-4c4c-5294-d0f744d04a72&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D45bc044f-7254-4c4c-5294-d0f744d04a72%26reqId%3De79a4176-a9ec-4672-40d5-82edb2bfd25a%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=45bc044f-7254-4c4c-5294-d0f744d04a72&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D45bc044f-7254-4c4c-5294-d0f744d04a72%26reqId%3De79a4176-a9ec-4672-40d5-82edb2bfd25a%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=02210918427681294150257057113489100659&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361

Request Chain 256

https://bn01.er.bemail.it/zeotap.php?_bid=45bc044f-7254-4c4c-5294-d0f744d04a72&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2021042516-65151-0.602151001619360523-324cb02d343f1401dc5d60fc55cb9656&zdid=533&env=mWeb

Request Chain 257

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D45bc044f-7254-4c4c-5294-d0f744d04a72%26reqId%3De79a4176-a9ec-4672-40d5-82edb2bfd25a%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=6955100460957169805&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361

Request Chain 258

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=45bc044f-7254-4c4c-5294-d0f744d04a72 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=45bc044f-7254-4c4c-5294-d0f744d04a72

Request Chain 259

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=45bc044f-7254-4c4c-5294-d0f744d04a72&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D45bc044f-7254-4c4c-5294-d0f744d04a72%26reqId%3De79a4176-a9ec-4672-40d5-82edb2bfd25a%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=45bc044f-7254-4c4c-5294-d0f744d04a72&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D45bc044f-7254-4c4c-5294-d0f744d04a72%26reqId%3De79a4176-a9ec-4672-40d5-82edb2bfd25a%26zdid%3D1361&bounce=1&random=3434682908 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=0oN2KgG5KFxKoQmjdQKagu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361

Request Chain 261

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=45bc044f-7254-4c4c-5294-d0f744d04a72?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=45bc044f-7254-4c4c-5294-d0f744d04a72?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=d2757c9d68cca4a701f1f9283b57c33a&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361

Request Chain 262

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-bOOT1J9E2opoTOiyFeh3shn6PbBbhz8otA--~A&zpartnerid=570&env=mWeb

Request Chain 263

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=YtLEkm4VeI6TfzIBcgkqhc%2B7VKb%2BwuNq%2BS41iYitP1U%3D

Request Chain 267

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D45bc044f-7254-4c4c-5294-d0f744d04a72%26reqId%3De79a4176-a9ec-4672-40d5-82edb2bfd25a%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YIV7BgAAcHNz9AAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361

Request Chain 268

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D45bc044f-7254-4c4c-5294-d0f744d04a72%26reqId%3De79a4176-a9ec-4672-40d5-82edb2bfd25a%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=502b6085-7b08-4e00-b7a3-6ea69b0f8b12&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361

Request Chain 269

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361

Request Chain 270

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=45bc044f-7254-4c4c-5294-d0f744d04a72&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=45bc044f-7254-4c4c-5294-d0f744d04a72&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361&dcc=t

Request Chain 276

https://c1.adform.net/serving/cookie/match?party=14&cid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16

Request Chain 277

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-56TZ6H3RQNGxV-tTpFRRsT3tJw

Request Chain 278

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB

Request Chain 279

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3VLetYe51LAFE45&gdpr=0&gdpr_consent=

Request Chain 280

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:6DC5F8D058A64A0880B3188AA8D0B038

Request Chain 282

https://pixel.onaudience.com/?partner=214&mapped=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=d2757c9d68cca4a701f1f9283b57c33a HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=52709101-6493-4390-8395-6b3dad330a0c&icm HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=52709101-6493-4390-8395-6b3dad330a0c&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=7eac6de886a35046 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6c0e4a86-e49b-40d8-768b-9a0aa9e13696&reqId=2dcab0ca-e21a-4444-44e9-112a753f6946&zcluid=7eac6de886a35046&zdid=1332 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6c0e4a86-e49b-40d8-768b-9a0aa9e13696&reqId=2dcab0ca-e21a-4444-44e9-112a753f6946&zcluid=7eac6de886a35046&zdid=1332&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEOdbN1_EUQIXukvMkM8H4-Y&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6c0e4a86-e49b-40d8-768b-9a0aa9e13696&reqId=2dcab0ca-e21a-4444-44e9-112a753f6946&zcluid=7eac6de886a35046&zdid=1332

Request Chain 283

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=59c46085-7b09-4b00-aab7-35061a747675

Request Chain 284

https://loadm.exelator.com/load/?p=204&g=71&buid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&gdpr=0&gdpr_consent=&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=71&buid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1

Request Chain 285

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9a45901b-a5d1-11eb-915a-a346d8a61158&gdpr=0&gdpr_consent=

Request Chain 291

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
https://onetag-sys.com/sync/i,1/4d206085-7b0c-4300-8bc8-dd8e86162f19

Request Chain 293

https://dmp.adform.net/serving/cookie/match?party=1167&cid=i9KCB6hRXXb4rOyqXt2TzHG2hYasErm358074HctqAI HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=i9KCB6hRXXb4rOyqXt2TzHG2hYasErm358074HctqAI HTTP 302
https://onetag-sys.com/sync/i,34/1188005195239092607

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 HTTP 302
https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEPjIzRSrIUONO9qcK1BkLqA&google_cver=1

Request Chain 296

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/sync/i,29/?tdid=52709101-6493-4390-8395-6b3dad330a0c&ttl=1621952525

Request Chain 297

https://x.bidswitch.net/sync?ssp=onetag HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag

Request Chain 299

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
https://onetag-sys.com/sync/i,1/240c6085-7b0c-4a00-a878-b42cb74d38ad

Request Chain 301

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 HTTP 302
https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEPjIzRSrIUONO9qcK1BkLqA&google_cver=1

Request Chain 303

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/sync/i,29/?tdid=52709101-6493-4390-8395-6b3dad330a0c&ttl=1621952525

Request Chain 304

https://x.bidswitch.net/sync?ssp=onetag HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag

Request Chain 305

https://dmp.adform.net/serving/cookie/match?party=1167&cid=rbw2f-3AJoqn9-8wHsySaXsl0-C7i78Hq7WbSSFB1FU HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=rbw2f-3AJoqn9-8wHsySaXsl0-C7i78Hq7WbSSFB1FU HTTP 302
https://onetag-sys.com/sync/i,34/3455762764481509952

Request Chain 307

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
https://onetag-sys.com/sync/i,1/c31d6085-7b0d-4a00-b410-1f16a95f88e8

Request Chain 309

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 HTTP 302
https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEPjIzRSrIUONO9qcK1BkLqA&google_cver=1

Request Chain 311

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/sync/i,29/?tdid=52709101-6493-4390-8395-6b3dad330a0c&ttl=1621952525

Request Chain 312

https://x.bidswitch.net/sync?ssp=onetag HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag

Request Chain 313

https://dmp.adform.net/serving/cookie/match?party=1167&cid=vtQ7IXEX4rpKXGLmmAX4RWDfT24GNdqLDOblz0CuLfc HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=vtQ7IXEX4rpKXGLmmAX4RWDfT24GNdqLDOblz0CuLfc HTTP 302
https://onetag-sys.com/sync/i,34/6620301445825172835

Request Chain 321

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=tIP8drXR9CevgadzsIrpcrCG93qvg_xystI9zFdJ

322 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request jqQsFKb2 Show response
shrinke.me/ 21 KB
7 KB 93ms
65ms Document
text/html 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shrinke.me/jqQsFKb2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65166f5b4cd13bccc23b6d67ec9e4bf03b5c517897253a46214e8196f93cb0e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: shrinke.me
:scheme: https
:path: /jqQsFKb2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:50 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da9eb046c13b76b4e7bef0d7f5449c1741619360510; expires=Tue, 25-May-21 14:21:50 GMT; path=/; domain=.shrinke.me; HttpOnly; SameSite=Lax; Secure lang=en_US; expires=Wed, 20-Apr-2022 14:21:50 GMT; Max-Age=31104000; path=/ AppSession=5d1e20ac957171d4cf61b42f89a1d1a3; path=/; HttpOnly csrfToken=28fbbdbcf389d088afdbcb45cb442fe8314a691d3a4dee74496396d9eb086edc3ab382fac7d0db92d18ca0d4b7ab6a1e9bae6349320e088cd9414d59cdd8d55d; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-request-id: 09ab018a4900004a9711332000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IiqcddGQtJu46t6%2FE6mLvJ86OaW87%2FQ6Q%2B4iocyUv7zvB%2F2lfKn96I2LgI8JCIiXQKt4cM4B50I7RJgH27%2B%2FSyZbHdEmq12dLPPcyebH43Ou1s%2FVxZO9"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 64583856de844a97-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 6 KB
809 B 15ms
13ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4b13b091264448af149e519f01f3838360a69f04c20e42583b0a942ca912d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Apr 2021 13:27:27 GMT
server: ESF
date: Sun, 25 Apr 2021 14:21:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Apr 2021 14:21:50 GMT

GET
H3-29 200 styles.min.css
shrinke.me/modern_theme/build/css/ 187 KB
31 KB 40ms
28ms Stylesheet
text/css 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /modern_theme/build/css/styles.min.css?ver=6.4.0
pragma: no-cache
cookie: __cfduid=da9eb046c13b76b4e7bef0d7f5449c1741619360510; lang=en_US; AppSession=5d1e20ac957171d4cf61b42f89a1d1a3; csrfToken=28fbbdbcf389d088afdbcb45cb442fe8314a691d3a4dee74496396d9eb086edc3ab382fac7d0db92d18ca0d4b7ab6a1e9bae6349320e088cd9414d59cdd8d55d
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shrinke.me
referer: https://shrinke.me/jqQsFKb2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shrinke.me/jqQsFKb2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1315768
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ab018a9c00004e1f6f0fd000000001
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2ec69-5a22587d62000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7GhDK7ihkA1eU8ePil%2B%2FmyH%2ByUXDObBnz67IK3FzKq5aGr9QJfVL3kjun1LRL0M%2FS0I4BgS%2BMRe2g6p3seMi4CQ2kpG0BmVEY06FYabgrgBSGcW9W0HL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 645838575a2e4e1f-FRA
expires: Mon, 10 May 2021 08:52:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137383949-1

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b4cde4a1f4f06e7356ce14e0279263c283ac8cfb0283296930a89d34021c6ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35723
x-xss-protection: 0
last-modified: Sun, 25 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Apr 2021 14:21:51 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 140ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:50 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:24:41 GMT
server: nginx
etag: W/"573f4859-14e4a"
vary: Accept-Encoding
x-hw: 1619360510.dop142.fr8.t,1619360510.cds240.fr8.hn,1619360510.cds130.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H2 200 / Show response
services.vlitag.com/adv1/ 932 B
1 KB 154ms
138ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcfbf218c87302159edb34902652aa0308bc2348690bb4a73426c98d83ef1e21

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ab018d410000d725de03e000000001
pragma: no-cache
last-modified: Sun, 25 Apr 2021 14:21:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VlHkGZ6u4wMlhb%2B%2Fct1dgfo4tlIL96tjMRskCQP2c7IEKdQYZxm5VDSGWrY%2FGNDiVwr1knzba5mZgrfINaHO0kWTxpNxSv%2B7PXgRUQv0Q4Q2zWy%2B86vPjh5HXMH1O4Sb"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 6458385b9cc8d725-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 sw.js Show response
shrinke.me/ 96 KB
34 KB 34ms
22ms Script
application/javascript 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shrinke.me/sw.js

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ba75869b8dc9e93dfb6bb58428301a77e3d5174716750d78e8dcd24658d4ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sw.js
pragma: no-cache
cookie: __cfduid=da9eb046c13b76b4e7bef0d7f5449c1741619360510; lang=en_US; AppSession=5d1e20ac957171d4cf61b42f89a1d1a3; csrfToken=28fbbdbcf389d088afdbcb45cb442fe8314a691d3a4dee74496396d9eb086edc3ab382fac7d0db92d18ca0d4b7ab6a1e9bae6349320e088cd9414d59cdd8d55d
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shrinke.me
referer: https://shrinke.me/jqQsFKb2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shrinke.me/jqQsFKb2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1315768
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ab018a9f00004e1f6c3f2000000001
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"17fc0-5a22587d62000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8LKOaAq3cnu%2BjkggvYvqSC3oc9vq4oOWPKkrzQlv7nLWsrmAYerRA%2BMGDFw7Uj%2BWYYIlXTDdI86nieYWbVvjdVj%2Fmhwr%2BgX02hSymLg23MGf4dUcpOZi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 645838575a314e1f-FRA
expires: Mon, 10 May 2021 08:52:22 GMT

GET
H2 200 / Show response
d1r90st78epsag.cloudfront.net/ 287 KB
95 KB 501ms
358ms Script
text/plain 13.33.141.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1r90st78epsag.cloudfront.net/?etsrd=792297
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.141.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 85a79bcbb9cc45a035f4563e7fca36e37b3d5eb95b95bbbf9272aba3ae73ca11

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:51 GMT
content-encoding: gzip
x-amz-cf-pop: CPH50-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 96988
via: 1.1 0627ff40b5d116e8aeb618dfe60b85fa.cloudfront.net (CloudFront)
x-amz-cf-id: rmvVPZpeHDb2LtbSI3plfK5fKURKBXJ_4w1XMsLUbLNfbNB5gqRBsg==

GET
H/1.1 403
Forbidden 1844b8e470c024a415cff51a0843d71c.js
noughttrustthreshold.com/18/44/b8/ 0
0 396ms
129ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://noughttrustthreshold.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 14:21:50 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 logo-sm.webp
shrinkme.io/ 31 KB
31 KB 40ms
13ms Image
image/webp 2606:4700:3036::6815:3aec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shrinkme.io/logo-sm.webp

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:3aec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9777428de88c524584f0133c3c0d9becf5a3840597eb16dc873bbc29b9a0bf58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1209688
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31236
cf-request-id: 09ab018de70000d6f9c61f9000000001
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "7a04-5a22587d62000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ugoL%2FBTMdqjIs5AfWX%2F8%2FDJ5UJ0HS6B%2BbOaNd2Q8YunNCyJVf%2Ff84VHKfIPAEN3fA7gp2%2FIujtw21soGTjVqEhTklUfBItlTnwFw7a6Yjpkw0wkSbJvuFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6458385cacfcd6f9-FRA
expires: Mon, 11 Apr 2022 14:20:23 GMT

GET
H/1.1 200
OK 23826 Show response
coccusadmanlob.com/t3tgUSTlRzMe6Sv/ 0
0 198ms
48ms Script
text/html 23.109.82.10
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://coccusadmanlob.com/t3tgUSTlRzMe6Sv/23826
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 23.109.82.10 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: *

GET
H2 200 qJpGKf7.png
i.imgur.com/ 17 KB
17 KB 139ms
45ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/qJpGKf7.png

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

afc64d8345a0c5e5fe8f866056f6e594bae4a885ef8bc44a37de95dd9eaae157

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:51 GMT
x-content-type-options: nosniff
age: 9257174
x-cache: HIT, HIT
content-length: 17527
x-served-by: cache-bwi5120-BWI, cache-hhn4061-HHN
last-modified: Tue, 05 Nov 2019 17:14:35 GMT
server: cat factory 1.0
x-timer: S1619360512.594141,VS0,VE0
etag: "e44ce2565aa2068add8081e038f0a55b"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 15

GET
H2 200 async.js Show response
cdn.adtrue.com/rtb/ 7 KB
3 KB 50ms
21ms Script
application/x-javascript 2606:4700:10::ac43:607
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/async.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
server: cloudflare
age: 2913625
etag: W/"5fb1d3ed-1c9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 6458385dfd8196da-FRA
cf-request-id: 09ab018eba000096da08b9b000000001
expires: Thu, 17 Mar 2022 21:01:26 GMT

GET
H3-29 200 email-decode.min.js Show response
shrinke.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 8ms
8ms Script
application/javascript 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shrinke.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: __cfduid=da9eb046c13b76b4e7bef0d7f5449c1741619360510; lang=en_US; AppSession=5d1e20ac957171d4cf61b42f89a1d1a3; csrfToken=28fbbdbcf389d088afdbcb45cb442fe8314a691d3a4dee74496396d9eb086edc3ab382fac7d0db92d18ca0d4b7ab6a1e9bae6349320e088cd9414d59cdd8d55d
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shrinke.me
referer: https://shrinke.me/jqQsFKb2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shrinke.me/jqQsFKb2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 09ab018ce500004e1f07a28000000001
last-modified: Wed, 14 Apr 2021 08:33:47 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6076a8eb-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cApc2FaeQA9GIMi7aCxEAudT1qgtTMM%2FPTmnWc4N0w7U8IMI3a5I2rJGDIOVvs9do%2FJoFV8MteK77fKCVeg71qcQDFWyrZE4uHVIEGk8iuhK4juGSYDd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 6458385b08c54e1f-FRA
expires: Tue, 27 Apr 2021 14:21:51 GMT

GET
H3-29 200 ads.js Show response
shrinke.me/js/ 191 B
711 B 13ms
13ms Script
application/javascript 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shrinke.me/js/ads.js

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /js/ads.js
pragma: no-cache
cookie: __cfduid=da9eb046c13b76b4e7bef0d7f5449c1741619360510; lang=en_US; AppSession=5d1e20ac957171d4cf61b42f89a1d1a3; csrfToken=28fbbdbcf389d088afdbcb45cb442fe8314a691d3a4dee74496396d9eb086edc3ab382fac7d0db92d18ca0d4b7ab6a1e9bae6349320e088cd9414d59cdd8d55d
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shrinke.me
referer: https://shrinke.me/jqQsFKb2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shrinke.me/jqQsFKb2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1315769
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ab018ced00004e1f0a87e000000001
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"bf-5a22587d62000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yZVcwA3DnDm%2FbqtXja8aTmOo6Kgx088GtPT21vAzZLQ8PTiU7n%2BmT28DiYf7iZu%2FXxlh3p49SLRm8EkX62n9UVnATqJkLS%2FUaxtrm1Tlp%2BLVXhzCzRzt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 6458385b18e64e1f-FRA
expires: Mon, 10 May 2021 08:52:22 GMT

GET
H3-29 200 script.min.js Show response
shrinke.me/modern_theme/build/js/ 202 KB
57 KB 21ms
21ms Script
application/javascript 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shrinke.me/modern_theme/build/js/script.min.js?ver=6.4.0

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /modern_theme/build/js/script.min.js?ver=6.4.0
pragma: no-cache
cookie: __cfduid=da9eb046c13b76b4e7bef0d7f5449c1741619360510; lang=en_US; AppSession=5d1e20ac957171d4cf61b42f89a1d1a3; csrfToken=28fbbdbcf389d088afdbcb45cb442fe8314a691d3a4dee74496396d9eb086edc3ab382fac7d0db92d18ca0d4b7ab6a1e9bae6349320e088cd9414d59cdd8d55d
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shrinke.me
referer: https://shrinke.me/jqQsFKb2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shrinke.me/jqQsFKb2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1315769
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ab018cfc00004e1fffad7000000001
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"32956-5a22587d62000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Np9LMsi3eiUAc2Zc0RScqwDPKoVQ30ffT8FXQRNpLr4LTftscbt%2BoNB8vyJujWKlakPdkGe2Q3exPGV3tJq%2Bj0%2B%2B8or6BhJhoPViB8eG%2B9r0iQWWNkP2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 6458385b29144e1f-FRA
expires: Mon, 10 May 2021 08:52:22 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 921 B
1003 B 37ms
16ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d67a83a792ee3e41eccb97990c09da58b72a5028b227638aadbb81ef33d5486

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Sun, 25 Apr 2021 14:21:51 GMT

GET
H2 200 cE9jRjMLbRAxbAU9D2QJUicXMkMDdUxpQBg9CihYFWEOIxwDOE0sQFJjQTVeFm1Zdx9SOwIhbBkrQXwRR3ZRdApJbU9kQAUtPC9XQm1ZZFVBKVAlChF8TnFRRXdOcgETdk5%2BBhV%2FTiIKEXlaJwBEfAd3ClIy Show response
leaderhistliness.info/ 49 KB
19 KB 414ms
145ms Script
application/javascript 52.86.219.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://leaderhistliness.info/cE9jRjMLbRAxbAU9D2QJUicXMkMDdUxpQBg9CihYFWEOIxwDOE0sQFJjQTVeFm1Zdx9SOwIhbBkrQXwRR3ZRdApJbU9kQAUtPC9XQm1ZZFVBKVAlChF8TnFRRXdOcgETdk5%2BBhV%2FTiIKEXlaJwBEfAd3ClIy
Requested by: Host: shrinke.me
URL: https://shrinke.me/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.86.219.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: c1950d29e333e24a3fb7b351e9f48cd9c685231c6443e512b89478bfc7ff9b1a

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"c25b-pYzJG4nIP519vIya7o/tWVOvx+Y"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137383949-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3548
date: Sun, 25 Apr 2021 13:22:43 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 25 Apr 2021 15:22:43 GMT

GET
H3-29 200 / Show response
services.vlitag.com/uv/ 13 B
784 B 149ms
140ms XHR
application/json 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&mtk=8509

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:51 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13
cf-request-id: 09ab018dd700004a7a1f1db000000001
pragma: no-cache
last-modified: Sun, 25 Apr 2021 14:21:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uDlS6tGyoXZv6irVmTU6JVkCjaqo3FyHwUPKAtfN3s77jLwBTXkf41YdoYPSMkhk9dMrIpsa44mZg1k8OE%2B%2BaIeFchjZ%2BzPDxi0NJDYLkXtMs7UlZi%2FpeiOGjhOUFNRY"}],"max_age":604800}
content-type: application/json
access-control-allow-origin: https://shrinke.me
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 6458385c8a584a7a-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 b696d0f5c06dbd9fd83feb568718537b.js Show response
tag.vlitag.com/v1/1619247342/ 557 KB
114 KB 41ms
39ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/v1/1619247342/b696d0f5c06dbd9fd83feb568718537b.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74849427d8dfc4b02b646f19bddff541596d3f8080f00df8b1e949952d3b6f4f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 113169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ab01906b0000d725b6988000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DfyJF2jC3PhELI8JhAueIWW%2BP3ub8LvU3Ngsqg8VGh%2F89ppFhJ99oL6PwOtXoxLctexM6ha%2F8k%2B%2BN4rkc2ETRHOaN7%2BUqubPM2QRGm7STC1Y2jZaNfAwEWP7sQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, immutable
cf-ray: 64583860ac2ad725-FRA

GET
H/1.1 403
Forbidden 1844b8e470c024a415cff51a0843d71c.js
noughttrustthreshold.com/18/44/b8/ 0
0 130ms
130ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://noughttrustthreshold.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 14:21:52 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=695743183&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&ul=en-us&de=UTF-8&dt=ShrinkMe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1237943003&gjid=557240451&cid=1264679342.1619360512&tid=UA-137383949-1&_gid=90362023.1619360512&_r=1&gtm=2ou4e1&z=1518064810

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shrinke.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-137383949-1&cid=1264679342.1619360512&jid=1237943003&gjid=557240451&_gid=90362023.1619360512&_u=IEBAAUAAAAAAAC~&z=784190604

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 25 Apr 2021 14:21:52 GMT
content-type: text/plain
access-control-allow-origin: https://shrinke.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-137383949-1&cid=1264679342.1619360512&jid=1237943003&_u=IEBAAUAAAAAAAC~&z=757360709

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-137383949-1&cid=1264679342.1619360512&jid=1237943003&_u=IEBAAUAAAAAAAC~&z=757360709

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 header9.webp
shrinkme.io/ 127 KB
128 KB 28ms
17ms Image
image/webp 2606:4700:3036::6815:3aec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shrinkme.io/header9.webp

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:3aec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd3fb9c39fddd8aba2e4c7af555aeb970686c92304fba3ff4850901ec3e1ff53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 902832
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130482
cf-request-id: 09ab01907800004ea92288c000000001
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1fdb2-5a22587d62000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qEXKfgLxGYaPlc%2BU5CkD%2B2pNgOX1D%2Fk0R2uI73rSACMvh7ajPxZ82jgoqEm7f3Hqt3%2B1T17RWssT%2B2vytiLE2aXDSbk2fifvnVJfEFv4D0i6nPw%2FGtjLVw%3D%3D"}],"group":"cf-nel"}
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 64583860b8184ea9-FRA
expires: Fri, 15 Apr 2022 03:34:40 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shrinke.me
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:04:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 404260
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Wed, 20 Apr 2022 22:04:12 GMT

GET
H3-29 200 fontawesome-webfont.woff2
shrinke.me/modern_theme/build/fonts/ 75 KB
76 KB 16ms
15ms Font
font/woff2 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shrinke.me/modern_theme/build/fonts/fontawesome-webfont.woff2

Requested by

Host: shrinke.me
URL: https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://shrinke.me
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=da9eb046c13b76b4e7bef0d7f5449c1741619360510; lang=en_US; AppSession=5d1e20ac957171d4cf61b42f89a1d1a3; csrfToken=28fbbdbcf389d088afdbcb45cb442fe8314a691d3a4dee74496396d9eb086edc3ab382fac7d0db92d18ca0d4b7ab6a1e9bae6349320e088cd9414d59cdd8d55d; _ga=GA1.2.1264679342.1619360512; _gid=GA1.2.90362023.1619360512; _gat_gtag_UA_137383949_1=1
:path: /modern_theme/build/fonts/fontawesome-webfont.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: shrinke.me
referer: https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://shrinke.me
Referer: https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3371
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 09ab01906c00004e1ffab17000000001
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "12d68-5a22587d62000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=83tpRb2yUscVL5B23OVp%2FyN9wRntw0Xon%2Frqgaif23Ffv1W7ScEJ7QNS1h1L8Q2uhZcDIFkmgxLFlCES%2FklXhyzNeWT6qglWlCqmL2cb4Vcm2KG9rXs3"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64583860ac124e1f-FRA

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ 30 KB
31 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shrinke.me
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 02:08:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
age: 476013
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
expires: Wed, 20 Apr 2022 02:08:19 GMT

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame 9502 4 KB
4 KB 588ms
194ms Script
application/javascript 35.161.243.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&cb=3060496486&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/jqQsFKb2
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.243.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c2db19db434291cb751a1dd52f97adbe18af06944a7555b5cc5f90e8f59f416c

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
server: nginx
x-adtrue-instance: java1
content-length: 3892
content-type: application/javascript

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame 21F3 4 KB
4 KB 560ms
191ms Script
application/javascript 35.161.243.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&cb=3060496486&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/jqQsFKb2
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.243.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 75479d1a02d6801a85d6f759e9c64f897ed6adc260e14700c8a30c083ab446ae

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
server: nginx
x-adtrue-instance: java2
content-length: 3892
content-type: application/javascript

GET
H3-29 200 jqQsFKb2
shrinke.me/ 21 KB
21 KB 64ms
64ms Image
text/html 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shrinke.me/jqQsFKb2

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /jqQsFKb2
pragma: no-cache
cookie: __cfduid=da9eb046c13b76b4e7bef0d7f5449c1741619360510; lang=en_US; AppSession=5d1e20ac957171d4cf61b42f89a1d1a3; csrfToken=28fbbdbcf389d088afdbcb45cb442fe8314a691d3a4dee74496396d9eb086edc3ab382fac7d0db92d18ca0d4b7ab6a1e9bae6349320e088cd9414d59cdd8d55d; _ga=GA1.2.1264679342.1619360512; _gid=GA1.2.90362023.1619360512; _gat_gtag_UA_137383949_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shrinke.me
referer: https://shrinke.me/jqQsFKb2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shrinke.me/jqQsFKb2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ab01908e00004e1f5f323000000001
pragma: no-cache
x-robots-tag: noindex, nofollow
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pUWIlrze9GhFGU4FxpX1jSbizguf8GXg%2FdgHu9KezWAdwnP53d92CYvvr67Fe%2Fzw7Z2wPGjIwQ9OGIciqVepjC5atYdf5k0AnNSPO7z7A1S03%2Br9f2vE"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: no-store, no-cache, must-revalidate
cf-ray: 64583860ec754e1f-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shrinke.me
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 04:11:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 36622
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Mon, 25 Apr 2022 04:11:30 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ 334 KB
334 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shrinke.me
Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 15:36:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
age: 168336
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341908
x-xss-protection: 0
expires: Sat, 23 Apr 2022 15:36:16 GMT

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
68 KB 34ms
27ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1619247342/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 233747
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ab01914b0000d725de06e000000001
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mzwypbEE9j6N8oEZvegvmkc%2F%2FRAA7jCMfMuQfeKif%2Bg%2Bfx49ZtPcMVRm%2FqOoJLAZ4SH7a%2FeWkBpe61OMkj2ICvxUmaQIyljFZC9ffG0x7mXksztra0MAoot7Dc8B%2FA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 645838621dedd725-FRA
expires: Thu, 22 Apr 2021 21:56:05 GMT

GET
H2 200 prebid-v4.36.0.js Show response
assets.vlitag.com/prebid/default/ 407 KB
116 KB 46ms
39ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1619247342/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5461777e8becbffec6413374caaf11144302832dcd36a2686be6aeddd1ca4040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 164068
cf-polished: origSize=417315
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ab01914c0000d72518317000000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 23 Apr 2021 16:47:16 GMT
server: cloudflare
etag: W/"6082fa14-65e23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k8ejRVGdaQBVzX09ki7gkRsD5VsYxECV1XzfHYAd00j6VYMkhdvIv0Oj%2B2QmnxbLliBfQz%2BevDIv4r23fc9qOqWUnWFnzSBXWF2WNg9jt4%2BLLmrHAheqna4LmHJHWQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 645838621defd725-FRA
expires: Fri, 23 Apr 2021 17:17:24 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1619247342/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad309904b3882d0bc665ba54e6fc9a708e89a6155fdce036c73ab386c80086c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "852 / 798 of 1000 / last-modified: 1619215752"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21081
x-xss-protection: 0
expires: Sun, 25 Apr 2021 14:21:52 GMT

GET
H2 200 viPlayer_v42.min.js Show response
assets.vlitag.com/plugins/vlPlayer/ 13 KB
5 KB 22ms
15ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v42.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1619247342/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 235199
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ab01914b0000d72529a1d000000001
x-robots-tag: noindex, nofollow
last-modified: Thu, 26 Nov 2020 03:46:23 GMT
server: cloudflare
etag: W/"5fbf250f-33d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PSZjFNMNQ6IP57dCsmLEWS1LOXy99CRZcsXEHKGn2g5PtYibh4MP925j1ZlgQ1cNIhbjwaUwLYWat9zPHMBXbaU%2BX5pU5srpodrXs2zQnns9bpmjdaW%2FjJpdYN24fA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 645838621debd725-FRA
expires: Thu, 22 Apr 2021 21:31:53 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 334 KB
115 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1619247342/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Sun, 25 Apr 2021 14:21:52 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
16 KB 25ms
19ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1619247342/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 235199
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ab01914c0000d72521800000000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
etag: W/"5dbbbcf2-9806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xGKOhxI5mDSYr8I%2B93RWrRP97C%2Bb8j6%2BYKkaGEHzx0pcbSo3BwO7mfj0wXcnRTQ98sTqzAhOV3Y1vWIhBFKi46awlumNjAWlvjzRHWgJF0bKV13ao41NMVgcsYM6JA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 645838621df1d725-FRA
expires: Thu, 22 Apr 2021 21:31:53 GMT

GET
H3-29 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame FAE7 20 KB
11 KB 43ms
28ms Document
text/html 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=kj8s98wl7jk1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fd066aabc48ded6e145860474cf8179f97ace22b8c002fc6d88899d1aa7e5ee4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bGzsnJLMJPMjbNgPnz4KDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.recaptcha.net
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=kj8s98wl7jk1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 25 Apr 2021 14:21:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-bGzsnJLMJPMjbNgPnz4KDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11058
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pubads_impl_2021042001.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
106 KB 1415ms
50ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 08:40:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107961
x-xss-protection: 0
expires: Sun, 25 Apr 2021 14:21:53 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 21ms
6ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210425

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3d898ecc5724386d23b5874ed71df0fccf83a2ad3dfd2752a22f97653e9e69c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 22465
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 930
etag: W/"67b-PipOZKqUD7JqTxfgIZNxmls5Yg4"
x-served-by: cache-fra19122-FRA, cache-hhn4042-HHN
date: Sun, 25 Apr 2021 14:21:52 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
950 B 402ms
59ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1732b1561025994a3e9955a80bec99a8a393c2f81e7113402b5ab864d9b234c1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:52 GMT
X-Proxy-Origin: 196.247.180.156; 196.247.180.156; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid: b2051ed5-e341-4519-93ba-f1f668ebddf0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shrinke.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
140 B 1535ms
54ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.36.0&cb=42968279572
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Sun, 25 Apr 2021 14:21:53 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET ROS
ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ 0
0

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
735 B 253ms
236ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://shrinke.me
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lLCNj9E6qdcF3OEcT6ias86%2FXQuk3PpDCX8dOkLq4j%2FtdP%2BzTo7g0W3uOCC03%2BZUI1prDCymnkRqlarw8qRXEXEPeHgLBpogDVISqRlMIWMpysQxV0qMAaS0vX99mdnl3g%3D%3D"}]}
access-control-allow-credentials: true
cf-ray: 645838632a8d2b16-FRA
cf-request-id: 09ab0191f500002b16980e1000000001

POST bids
prebid-eu.creativecdn.com/bidder/prebid/ 0
0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
235 B 1651ms
135ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Sun, 25 Apr 2021 14:21:53 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 12
vary: origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
140 B 1524ms
55ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.36.0&cb=80169880242
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Sun, 25 Apr 2021 14:21:53 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
834 B 548ms
158ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4772e0c8bccacbca8857bb43638a2e8c61a733a46b9dd45ae87563e78e039ee8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:53 GMT
X-Proxy-Origin: 196.247.180.156; 196.247.180.156; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.59:80
AN-X-Request-Uuid: c86c3b66-a461-423b-a183-bf9ca32fc6cf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shrinke.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST bids
prebid-eu.creativecdn.com/bidder/prebid/ 0
0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
360 B 1635ms
129ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Sun, 25 Apr 2021 14:21:53 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 5
vary: origin

GET ROS
ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ 0
0

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
367 B 272ms
269ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://shrinke.me
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eRQR6rnla4JnbKBLBrLeq%2BQt%2FdaK8oztHZRddL6gmMFO2nKVteL2L1jMOmjOMaXcPwu5ZP7cjUMW%2F046xH4enHRH9o6R0ztsYrvMOyA7Vy4SR02sY8eFyZ7Zxp84hDZ71Q%3D%3D"}]}
access-control-allow-credentials: true
cf-ray: 645838632a8f2b16-FRA
cf-request-id: 09ab0191f600002b16980e2000000001

GET
H2 200 /
logs.vlitag.com/sub/ 0
438 B 125ms
116ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs.vlitag.com/sub/?d=shrinke.me&h=shrinke.me
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LmE3bAS%2FQfUqjshoSvH800VDA0Otj27GAfNHZ%2BbA7Rw1WB49hE22JO5VBm%2FyVz3nnjdjVf7kXq4soyYMdmls6tGxts3dO8cMz19fLtkMgT1Ge3C1TllsEbTy1HI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 645838632832d725-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 09ab0191fc0000d72529a2b000000001

GET
H3-29 200 1592294784.jpg
assets.vlitag.com/widget/2020/06/16/ 20 KB
21 KB 25ms
14ms Image
image/webp 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/06/16/1592294784.jpg

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a9f4a4cc23bbe232be7f4ca796c9cf6f5edeabb85c1332a077df626c084cf4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 196444
cf-polished: qual=85, origFmt=jpeg, origSize=26122
content-disposition: inline; filename="1592294784.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20188
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 16 Jun 2020 08:06:24 GMT
server: cloudflare
etag: "5ee87d80-660a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pML0ynisoPD%2FWKaR%2BfN8sugFYIJTDzwZ3OFRtX1lmKDouFm9%2FgBi%2F9QHfSQzedJ4Kkb%2FPdvNtFHC8s%2BTIAntboxHygPio01XJqQNUjVWCH%2BeEdQ6g06hK6rJLRXVXA%3D%3D"}]}
content-type: image/webp
expires: Fri, 23 Apr 2021 08:17:48 GMT
cache-control: max-age=16070400
cf-request-id: 09ab01920500004e861f343000000001
accept-ranges: bytes
cf-ray: 645838633e194e86-FRA
cf-bgj: imgq:85,h2pri

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29

206

videoplayback
r4---sn-4g5e6nez.googlevideo.com/
Redirect Chain

https://media.vlitag.com/vid/?id=TV1MKMdUJ3Y&t=y
https://redirector.googlevideo.com/videoplayback?expire=1619373396&ei=81iFYPn6Opn2hwbFypqoDA&ip=193.56.74.18&id=o-ADH2BJX_NFWZW_uSvNuD6hrO4Qehr69lkFQnAXD4lu2h&itag=22&source=youtube&requiressl=yes&...
https://r4---sn-4g5e6nez.googlevideo.com/videoplayback?expire=1619373396&ei=81iFYPn6Opn2hwbFypqoDA&ip=193.56.74.18&id=o-ADH2BJX_NFWZW_uSvNuD6hrO4Qehr69lkFQnAXD4lu2h&itag=22&source=youtube&requiress...

320 KB
0

20ms
9ms

Media
video/mp4

2a00:1450:4001:29::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nez.googlevideo.com/videoplayback?expire=1619373396&ei=81iFYPn6Opn2hwbFypqoDA&ip=193.56.74.18&id=o-ADH2BJX_NFWZW_uSvNuD6hrO4Qehr69lkFQnAXD4lu2h&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=AIluszUNYDWJHFBGkSR772IF&cnr=14&ratebypass=yes&dur=347.881&lmt=1543416986231159&fvip=4&fexp=24001373%2C24007246&c=WEB&txp=5532432&n=YQxYregHPbdmerqUwy&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgZJ_jVxR9QBSYBGGHrgBQRQ057J99XVV6UfOqaa89GhMCIQDJZVUTm3SLDD2RTROCuxu6LrE1WAJWXj13iM7q1X_FUA%3D%3D&cms_redirect=yes&mh=qk&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6nez&ms=au&mt=1619360200&mv=m&mvi=4&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgV1kRhiJriTpRkJZbO-LbGqXTGxKRV3gAxKjXfKg7fpYCIDzSPaa2WhEPZB7qASq3f-X3_zZPbmbhj0yKNyzcyCXE

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:29::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Nov 2018 14:56:26 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-35935152/35935153
client-protocol: quic
cache-control: private, max-age=12584
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 35935153
expires: Sun, 25 Apr 2021 14:21:52 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:52 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-4g5e6nez.googlevideo.com/videoplayback?expire=1619373396&ei=81iFYPn6Opn2hwbFypqoDA&ip=193.56.74.18&id=o-ADH2BJX_NFWZW_uSvNuD6hrO4Qehr69lkFQnAXD4lu2h&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=AIluszUNYDWJHFBGkSR772IF&cnr=14&ratebypass=yes&dur=347.881&lmt=1543416986231159&fvip=4&fexp=24001373%2C24007246&c=WEB&txp=5532432&n=YQxYregHPbdmerqUwy&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgZJ_jVxR9QBSYBGGHrgBQRQ057J99XVV6UfOqaa89GhMCIQDJZVUTm3SLDD2RTROCuxu6LrE1WAJWXj13iM7q1X_FUA%3D%3D&cms_redirect=yes&mh=qk&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6nez&ms=au&mt=1619360200&mv=m&mvi=4&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgV1kRhiJriTpRkJZbO-LbGqXTGxKRV3gAxKjXfKg7fpYCIDzSPaa2WhEPZB7qASq3f-X3_zZPbmbhj0yKNyzcyCXE
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1174
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 178 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 516 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame FAE7 51 KB
25 KB 22ms
8ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=kj8s98wl7jk1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
age: 528
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Mon, 25 Apr 2022 14:13:04 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame FAE7 334 KB
334 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 15:36:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
age: 168336
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341908
x-xss-protection: 0
expires: Sat, 23 Apr 2022 15:36:16 GMT

GET
DATA 200
OK truncated
/ Frame FAE7 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FAE7 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FAE7 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 254783
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Thu, 29 Apr 2021 15:35:29 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FAE7 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.recaptcha.net
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 21:46:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 405352
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Wed, 20 Apr 2022 21:46:00 GMT

GET
H3-29 200 JXRfJF9kyDc4fFyGVy77wzRRT2iFLsFZ8moTTM1SROU.js Show response
www.google.com/js/bg/ Frame FAE7 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/JXRfJF9kyDc4fFyGVy77wzRRT2iFLsFZ8moTTM1SROU.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25745f245f64c837387c5c86572efbc334514f68852ec159f26a134ccd5244e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 13:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:30:00 GMT
server: sffe
age: 176621
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5802
x-xss-protection: 0
expires: Sat, 23 Apr 2022 13:18:11 GMT

GET
H3-29 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame FAE7 102 B
131 B 17ms
16ms Other
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5d77edb71e1031ff06541a7a2bd05cd3dbc3bfd5434711bae081fc06f8791558

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=kj8s98wl7jk1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Sun, 25 Apr 2021 14:21:52 GMT

GET
H3-29 200 bframe Show response
www.recaptcha.net/recaptcha/api2/ Frame E5C5 7 KB
1 KB 19ms
18ms Document
text/html 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&cb=f2m85p1wmksd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cd85f5ccac3cd657d60e9fbf3d50381476295363fdeb9c1b04c1d399c7d8dc58

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-igKmKAjB+8aPoPo/ePbBEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.recaptcha.net
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&cb=f2m85p1wmksd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 25 Apr 2021 14:21:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-igKmKAjB+8aPoPo/ePbBEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 prebid.js Show response
cdn.adtrue.com/pb/ Frame 21F3 257 KB
82 KB 118ms
118ms Script
application/x-javascript 2606:4700:10::ac43:607
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/pb/prebid.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&cb=3060496486&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/jqQsFKb2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Aug 2020 05:31:13 GMT
server: cloudflare
age: 2913616
etag: W/"5f3f5c21-405dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 64583864786496da-FRA
cf-request-id: 09ab0192fe000096daee9c2000000001
expires: Thu, 17 Mar 2022 21:01:36 GMT

GET
H2 200 ga.js Show response
cdn-adtrue.com/track/ Frame 21F3 751 B
1 KB 30ms
14ms Script
application/x-javascript 2606:4700:e0::ac40:6224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-adtrue.com/track/ga.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&cb=3060496486&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/jqQsFKb2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2111321
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ab0192dd0000c2a9a0bbc000000001
last-modified: Thu, 01 Apr 2021 03:35:26 GMT
server: cloudflare
etag: W/"60653f7e-2ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HDuYvcIS0d45tQ%2BFacrRf0YiEDZ6l3woMEl%2BW%2BRaYPygsR58wTL%2BSmiV8AfmpZOVUTSCxXMGo4qbgQe98gBWjNJnRPR79gcT4fWKdnH3wz%2F2COYHEckH6rh2qg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 645838649bcac2a9-FRA
expires: Sun, 27 Mar 2022 03:53:11 GMT

GET
H2 200 prebid.js Show response
cdn.adtrue.com/pb/ Frame 9502 257 KB
82 KB 67ms
67ms Script
application/x-javascript 2606:4700:10::ac43:607
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/pb/prebid.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&cb=3060496486&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/jqQsFKb2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Aug 2020 05:31:13 GMT
server: cloudflare
age: 2913616
etag: W/"5f3f5c21-405dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 64583864786596da-FRA
cf-request-id: 09ab0192f7000096da0881a000000001
expires: Thu, 17 Mar 2022 21:01:36 GMT

GET
H2 200 ga.js Show response
cdn-adtrue.com/track/ Frame 9502 751 B
585 B 29ms
14ms Script
application/x-javascript 2606:4700:e0::ac40:6224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-adtrue.com/track/ga.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&cb=3060496486&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/jqQsFKb2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2111321
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ab0192de0000c2a960899000000001
last-modified: Thu, 01 Apr 2021 03:35:26 GMT
server: cloudflare
etag: W/"60653f7e-2ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hC4V%2BPnZ5BsVSXB%2BPt9f0oqbnCWDsPIQteHRkOhnWZ1QCjZKZAOh8BZNakzzULNDaJrQ0hnv%2BPznWDjJL1dFbMqwsYbAmRDJFm0d6gdH3ssM%2Fu2i2Wv8dAGwOg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 645838649bccc2a9-FRA
expires: Sun, 27 Mar 2022 03:53:11 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame E5C5 51 KB
25 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&cb=f2m85p1wmksd

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
age: 528
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Mon, 25 Apr 2022 14:13:04 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame E5C5 334 KB
334 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&cb=f2m85p1wmksd

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 15:36:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
age: 168336
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341908
x-xss-protection: 0
expires: Sat, 23 Apr 2022 15:36:16 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9502 143 B
1 KB 165ms
71ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

aaf004e3a76b910ca8af7c9950fdeaf1afd775154abf7b52f39b9fbd6ba3ec7e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:52 GMT
X-Proxy-Origin: 196.247.180.156; 196.247.180.156; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.77:80
AN-X-Request-Uuid: e450e5c5-6676-43af-977d-0beb1eb3ab08
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shrinke.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST cdb
bidder.criteo.com/ Frame 9502 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 9502 0
112 B 219ms
88ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Sun, 25 Apr 2021 14:21:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 21F3 0
56 B 188ms
92ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Sun, 25 Apr 2021 14:21:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST cdb
bidder.criteo.com/ Frame 21F3 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 21F3 143 B
1 KB 191ms
64ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

cd75ecbb5b368606b4cc693c483f9275cb54cc2659d702c91574d090f997d0e8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:53 GMT
X-Proxy-Origin: 196.247.180.156; 196.247.180.156; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.187:80
AN-X-Request-Uuid: 0b5af4e8-93a7-465c-ae74-8fbb999a384c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shrinke.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 passback.js Show response
cdn.adtrue.com/rtb/ Frame 00DA 753 B
705 B 13ms
13ms Script
application/x-javascript 2606:4700:10::ac43:607
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/passback.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Oct 2020 03:26:52 GMT
server: cloudflare
age: 2913295
etag: W/"5f98e4fc-2f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 6458386b7bf196da-FRA
cf-request-id: 09ab01972e000096daf102f000000001
expires: Thu, 17 Mar 2022 21:06:57 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 9502 80 KB
26 KB 83ms
41ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:53 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 26 Apr 2021 14:21:53 GMT

GET
H2 200 passback Show response
exchange.adtrue.com/tag/ Frame 00DA 457 B
648 B 190ms
190ms Script
application/javascript 35.161.243.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20034&divid=66746746&ref=undefined
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.243.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7787a017270852a35b3781134427ea201600bf67fbf7b97d99d720fc567d4495

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:53 GMT
server: nginx
content-length: 457
content-type: application/javascript

GET
H2 200 passback.js Show response
cdn.adtrue.com/rtb/ Frame 4A10 753 B
511 B 14ms
14ms Script
application/x-javascript 2606:4700:10::ac43:607
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/passback.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Oct 2020 03:26:52 GMT
server: cloudflare
age: 2913295
etag: W/"5f98e4fc-2f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 6458386bbc0496da-FRA
cf-request-id: 09ab019755000096da23020000000001
expires: Thu, 17 Mar 2022 21:06:57 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 21F3 80 KB
26 KB 54ms
50ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:53 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 26 Apr 2021 14:21:53 GMT

GET
H2 200 passback Show response
exchange.adtrue.com/tag/ Frame 4A10 457 B
648 B 190ms
190ms Script
application/javascript 35.161.243.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20033&divid=1285963508&ref=undefined
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.243.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7787a017270852a35b3781134427ea201600bf67fbf7b97d99d720fc567d4495

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:53 GMT
server: nginx
content-length: 457
content-type: application/javascript

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5D29 0
150 B 64ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=shrinke.me&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=shrinke.me&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1513
date: Sun, 25 Apr 2021 14:21:53 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 9502 80 KB
26 KB 95ms
53ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:53 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 26 Apr 2021 14:21:53 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 21F3 80 KB
26 KB 66ms
41ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:53 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 26 Apr 2021 14:21:53 GMT

GET
H/1.1 403
Forbidden invoke.js
www.topdisplaynetwork.com/2b7825b40010ad17ac7b5777c664449c/ Frame 00DA 0
0 409ms
136ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.topdisplaynetwork.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 14:21:54 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden invoke.js
www.topdisplaynetwork.com/2b7825b40010ad17ac7b5777c664449c/ Frame 4A10 0
0 423ms
158ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.topdisplaynetwork.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 14:21:54 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 / Show response
tag.vlitag.com/passback/ Frame 618D 197 B
646 B 13ms
13ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/passback/?t=1619247342&d=8509&z=29441&divID=vi_850929441_143&w=320&h=100

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1619247342/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecebd072da484574bae3ad8fbd2dda03529d4e5716486df4fdde5820cab09931

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 111962
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pZMccZcp8NOaX9w5lSo7usSzJ9dD4%2FwWO4ldewS3pD%2BMVK%2Bcaqd64XcezwEwM9LD4ACJRWxL7gxBjWDf7Rui0b7LZ2rNy67N9PQ7sJ4Guwb2QygwCbrU1qdR4g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-request-id: 09ab0199b30000d725d6902000000001
cf-ray: 6458386f8a5dd725-FRA

GET
H2 200 / Show response
tag.vlitag.com/passback/ Frame 7BE7 197 B
647 B 19ms
19ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/passback/?t=1619247342&d=8509&z=29441&divID=vi_850929441_483&w=320&h=100

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1619247342/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecebd072da484574bae3ad8fbd2dda03529d4e5716486df4fdde5820cab09931

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 110927
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qsRlC25Gdd%2BUGN%2F93RdXDwmaT4fNMNZn7huctS4PXQ7KUQ98tCTUU0C1n3TMLhm55n0k0CkcS3Jc5qS9GbmjgUJuY3c3y%2B6bg%2Fi8MKW9QSrLXTLowGCqLaTMHw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-request-id: 09ab0199b70000d725e8333000000001
cf-ray: 6458386f8a67d725-FRA

GET
H2 200 /
stats.vlitag.com/pi/ 0
272 B 151ms
141ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/pi/?e=zdNytUaMPPy-qZYr-PeZP-wPKt-KMqryYqrrwMtRzNhqllwqe0RrNMZAaRmNYaPPTRrcorNco_MZAaYaPPT_TPBRrtNRcsokty_orN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mpheZbXcToKyMOHr1qj0fZj6iBhY%2BrxZSa3CSJjBdD%2FBHYm6vUt%2BW9%2F%2BD6YCWVwf1VNsUZ%2B5ECP8Qq8ZsaANBFLSpNRaQjzk75ke8qfAwf%2Fxu%2FB3UjNm9zYIs%2F0e"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6458386f9a89d725-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 09ab0199c30000d725e6237000000001

GET
H2 200 /
stats.vlitag.com/pi/ 0
306 B 128ms
118ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/pi/?e=zdNZrAYaayK-PMew-PrUB-Maqy-BUKtarPaTMreRzNhqllwqe0RrNMZAaRmNYaPPTRrcorNco_MZAaYaPPT_PMBRrtNRcsokty_orN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LWRSZmIEIo8HIG9aVrf9YhgRn1upjkbE2epkCEjsHjPLY%2B6qWxFvJ0xLezmxtgaNGPHDQBc8NQp5YRWa6X695862IamWBNGjvw1%2B2yxJAMBOMoVrgkp2Q7zG4nCX"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6458386f9a87d725-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 09ab0199c30000d725ccbc9000000001

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 28ms
27ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 26 Apr 2021 14:21:54 GMT

GET
H3-29 200 / Show response
tag.vlitag.com/passback/ Frame 012B 195 B
831 B 16ms
16ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/passback/?t=1619247342&d=8509&z=29440&divID=vi_850929440_812&w=970&h=250

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1619247342/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1b65da7e1759e98a2f61c7c52b78089e03473fbfa1fe85e8891e3255cbbf9f5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 104421
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4kl4G6mjsMaARSeCgBmqFWqhDSObaW%2FLJp7%2BE0TjL5noDIDRSfj4JTio7bO2bzCsED788sDtxoGUOVSy2AIK6LgOOIYRAXWu3NkQ6lWl7prWtKdkvKjQVw6I1w%3D%3D"}]}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-request-id: 09ab0199c200004e86c432f000000001
cf-ray: 6458386f98ac4e86-FRA

GET
H2 200 /
stats.vlitag.com/pi/ 0
263 B 143ms
143ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/pi/?e=zdNYYZqrBTA-aeya-PUqT-MAaw-yywawMABrwUPRzNhqllwqe0RrNMZAaRmNYaPPARrcorNco_MZAaYaPPA_MTYRrtNRcsokty_orN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0dLj2woi4ID5UGsOCQot7RpdYfnv0y%2Ff6u24iSSS5LPYJhx8iFvKG3vuR627QqX%2BGLvCEWBrhStdfmcWQYv62c7vUDqbkgJ%2BqhmmjV9k%2B3wUnCR9ZvvtoEWKwCf4"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6458386f9a8bd725-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 09ab0199c40000d725008e3000000001

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 0485 88 KB
35 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-28

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1619247342/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7853be5e58b39ebdf025bfa542c9f223839d411e0be4bd6598b337df8b641331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35718
x-xss-protection: 0
last-modified: Sun, 25 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Apr 2021 14:21:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 50D6 88 KB
35 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-28

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1619247342/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3901406324e631dbdd56a213bbb2aa46807a7c54f4531131e2dd69d3f249bf39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35717
x-xss-protection: 0
last-modified: Sun, 25 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Apr 2021 14:21:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame FDA0 88 KB
35 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-28

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1619247342/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3901406324e631dbdd56a213bbb2aa46807a7c54f4531131e2dd69d3f249bf39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35717
x-xss-protection: 0
last-modified: Sun, 25 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Apr 2021 14:21:54 GMT

GET
H2 200 shrinke.me.1062925.js Show response
jsc.adskeeper.com/s/h/ Frame 618D 266 KB
73 KB 42ms
18ms Script
text/javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1619247342&d=8509&z=29441&divID=vi_850929441_143&w=320&h=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f72e969281b43339f115d60ad0f47fb5a3e545d75cc259fab651545ab6f45709

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3374
cf-ray: 6458386fee250ea7-FRA
content-length: 73695
x-amz-id-2: E9iKbUXME9HkrsjUS2VwSEc5FUGv2tuK1raKSSutnkWvXpf7CvSDJxERMLXRNF4Gdz83RRMBU3c=
last-modified: Fri, 23 Apr 2021 20:15:22 GMT
server: cloudflare
etag: "b9cc8b987fa600054fe302e5f5b40e21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: N2Y66VZWAYEB5Q5M
cache-control: public, max-age=14400
cf-request-id: 09ab0199ed00000ea7f23cc000000001
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 25 Apr 2021 18:21:54 GMT

GET
H2 200 shrinke.me.1062925.js Show response
jsc.adskeeper.com/s/h/ Frame 7BE7 266 KB
72 KB 49ms
26ms Script
text/javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1619247342&d=8509&z=29441&divID=vi_850929441_483&w=320&h=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f72e969281b43339f115d60ad0f47fb5a3e545d75cc259fab651545ab6f45709

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3374
cf-ray: 6458386fee270ea7-FRA
content-length: 73695
x-amz-id-2: E9iKbUXME9HkrsjUS2VwSEc5FUGv2tuK1raKSSutnkWvXpf7CvSDJxERMLXRNF4Gdz83RRMBU3c=
last-modified: Fri, 23 Apr 2021 20:15:22 GMT
server: cloudflare
etag: "b9cc8b987fa600054fe302e5f5b40e21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: N2Y66VZWAYEB5Q5M
cache-control: public, max-age=14400
cf-request-id: 09ab0199ed00000ea7c924c000000001
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 25 Apr 2021 18:21:54 GMT

GET
H2 200 shrinke.me.992723.js Show response
jsc.adskeeper.com/s/h/ Frame 012B 266 KB
72 KB 48ms
25ms Script
text/javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1619247342&d=8509&z=29440&divID=vi_850929440_812&w=970&h=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d7360e1df11d7d55ef790f0aa01e0a885ca0606efc1e3bcf529064a88330be1

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7159
cf-ray: 6458386fee290ea7-FRA
content-length: 73645
x-amz-id-2: WBHphILLZ9zxkt0Xwk16hUFMcwQB++rellgKTwuZdeqqM0jWjDGAor/7cmyY0iI6VDrcxSZ9yK8=
last-modified: Sat, 24 Apr 2021 05:55:56 GMT
server: cloudflare
etag: "45951641a44ac938018d12d67c4f29d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: NGX9YJ0YRYT06CJ2
cache-control: public, max-age=14400
cf-request-id: 09ab0199ed00000ea761310000000001
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 25 Apr 2021 18:21:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 0485 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3551
date: Sun, 25 Apr 2021 13:22:43 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 25 Apr 2021 15:22:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 50D6 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3551
date: Sun, 25 Apr 2021 13:22:43 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 25 Apr 2021 15:22:43 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame FDA0 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-28

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3551
date: Sun, 25 Apr 2021 13:22:43 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 25 Apr 2021 15:22:43 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame 0485 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=699397802&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&ul=en-us&de=UTF-8&dt=noBid_shrinke.me_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=shrinke.me&cm=noBid&cc=Default&_u=IEBAAUABAAAAAC~&jid=553696088&gjid=91798300&cid=1568472834.1619360515&tid=UA-128776493-28&_gid=539584855.1619360515&_r=1&gtm=2ou4e1&z=2071553453

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shrinke.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ Frame FDA0 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=849887332&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&ul=en-us&de=UTF-8&dt=noBid_shrinke.me_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=shrinke.me&cm=noBid&cc=Default&_u=AACAAUAB~&jid=&gjid=&cid=1568472834.1619360515&tid=UA-128776493-28&_gid=539584855.1619360515&gtm=2ou4e1&z=1502160107

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 10:04:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15443
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ Frame 50D6 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1501979090&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&ul=en-us&de=UTF-8&dt=noBid_shrinke.me_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=shrinke.me&cm=noBid&cc=Default&_u=AACAAUAB~&jid=&gjid=&cid=1568472834.1619360515&tid=UA-128776493-28&_gid=539584855.1619360515&gtm=2ou4e1&z=1149511486

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 10:04:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15443
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 26ms
25ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 26 Apr 2021 14:21:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 618D 2 KB
642 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Apr 2021 13:17:36 GMT
server: ESF
date: Sun, 25 Apr 2021 14:21:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Apr 2021 14:21:54 GMT

GET
H2 200 / Show response
c.adskeeper.com/pv/ Frame 618D 0
310 B 61ms
60ms Script
text/plain 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.com/pv/?pv=5&cbuster=1619360514664712888566&uniqId=024fc&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&cxurl=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&lu=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&pageView=1&site=629011&pvid=1790968826986251262&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64583870af980ea7-FRA
cf-request-id: 09ab019a6d00000ea7f9199000000001

GET
DATA 200
OK truncated
/ Frame 618D 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 618D 4 KB
2 KB 94ms
36ms Image
image/svg+xml 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 3302
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: SY4EHHE0NKB1WJAG
x-amz-id-2: 4EyjVZyU6JosDB1zGHnlKpZNvzNh1GdOcUOLhpZGptDQljf/KbD4KrMIdmHcwR3MnDxW6da9uIY=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-request-id: 09ab019ab80000006eb1b5b000000001
cf-ray: 645838712bb0006e-WAW
expires: Sun, 25 Apr 2021 18:21:54 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 7BE7 2 KB
546 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Apr 2021 13:18:39 GMT
server: ESF
date: Sun, 25 Apr 2021 14:21:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Apr 2021 14:21:54 GMT

GET
DATA 200
OK truncated
/ Frame 7BE7 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 7BE7 4 KB
1 KB 34ms
34ms Image
image/svg+xml 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 3302
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: SY4EHHE0NKB1WJAG
x-amz-id-2: 4EyjVZyU6JosDB1zGHnlKpZNvzNh1GdOcUOLhpZGptDQljf/KbD4KrMIdmHcwR3MnDxW6da9uIY=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-request-id: 09ab019acf0000006e97097000000001
cf-ray: 645838714bf8006e-WAW
expires: Sun, 25 Apr 2021 18:21:54 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 618D 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shrinke.me
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 477077
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 20 Apr 2022 01:50:37 GMT

GET
H2 200 1 Show response
servicer.adskeeper.com/1062925/ Frame 618D 1002 B
802 B 125ms
122ms Script
application/x-javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1062925/1?pv=5&cbuster=1619360514763735355743&uniqId=024fc&niet=4g&nisd=false&w=320&h=100&cols=1&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&cxurl=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&lu=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&pageView=1&pvid=179096882cba9c0b595&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45601fb2dd0718d1b9aa3920f1e155456a61f9b5adef863415d110a174896ec4

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64583871486d0ea7-FRA
cf-request-id: 09ab019ad800000ea7cc92a000000001

GET
H3-29 200 css
fonts.googleapis.com/ Frame 012B 2 KB
546 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Apr 2021 12:46:21 GMT
server: ESF
date: Sun, 25 Apr 2021 14:21:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Apr 2021 14:21:54 GMT

GET
H3-29 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 012B 4 KB
2 KB 81ms
47ms Image
image/svg+xml 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 3302
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: SY4EHHE0NKB1WJAG
x-amz-id-2: 4EyjVZyU6JosDB1zGHnlKpZNvzNh1GdOcUOLhpZGptDQljf/KbD4KrMIdmHcwR3MnDxW6da9uIY=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-request-id: 09ab019b420000f2986c93a000000001
cf-ray: 645838720b34f298-WAW
expires: Sun, 25 Apr 2021 18:21:54 GMT

GET
DATA 200
OK truncated
/ Frame 012B 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 7BE7 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shrinke.me
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 477077
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 20 Apr 2022 01:50:37 GMT

GET
H2 200 1 Show response
servicer.adskeeper.com/1062925/ Frame 7BE7 1002 B
774 B 64ms
64ms Script
application/x-javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1062925/1?w=320&h=100&cols=1&pv=5&cbuster=1619360514883785942032&uniqId=02b69&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&cxurl=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&lu=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&pageView=0&pvid=17909688343afee97c8&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1c845e1538dd7522f43fc845621e078a4048e54f64350ca62e9f89b7ac389ae

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6458387209be0ea7-FRA
cf-request-id: 09ab019b4500000ea7bb838000000001

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 012B 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shrinke.me
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 477077
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 20 Apr 2022 01:50:37 GMT

GET
H2 200 1 Show response
servicer.adskeeper.com/992723/ Frame 012B 1001 B
799 B 105ms
105ms Script
application/x-javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/992723/1?w=970&h=250&cols=1&pv=5&cbuster=1619360514917837249350&uniqId=141e5&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&cxurl=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&lu=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&pageView=0&pvid=179096883669881229e&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e791a34c10ee5028573dece533a31db48091b0397f8ccbd56b2bbb04b1121e7

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 645838724a200ea7-FRA
cf-request-id: 09ab019b6b00000ea7f23e8000000001

GET
H2 200 i.js Show response
cm.adskeeper.com/ Frame 618D 19 B
173 B 108ms
102ms Script
application/javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?&cbuster=1619360514926509796567
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:55 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 30142400-c817-4001-a9cb-2b03bbab11b4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 645838725a3b0ea7-FRA
cf-request-id: 09ab019b7600000ea7ad21a000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame DDF6 19 B
258 B 110ms
110ms Script
application/javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=161936051493180391902
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:55 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: d665ef4c-8059-4da7-89d3-416d993a0e7e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 645838725a3c0ea7-FRA
cf-request-id: 09ab019b7600000ea78aaa1000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvNDU4MTA1Lzg1NGQwNWU2MjVlZjcxZmU3Njg1ZWIxYTExMmQ4ZDg3LmpwZw.webp
s-img.adskeeper.com/g/6613146/492x328/0x0x492x328/ Frame 618D 10 KB
11 KB 16ms
15ms Image
image/webp 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/6613146/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvNDU4MTA1Lzg1NGQwNWU2MjVlZjcxZmU3Njg1ZWIxYTExMmQ4ZDg3LmpwZw.webp?v=1619360514-k5AEcLjZYmsWi4EgyFVoRFpIF3okFVJkZuv8MzbhOrE
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2b3b0acc55f536e7706c24d1537a3fd13eaa007809f8b468336dbf20704de4e

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
cf-cache-status: HIT
last-modified: Wed, 21 Apr 2021 12:47:40 GMT
x-mg-request-uuid: 73e953ca-61f7-4218-acb5-e252a1c13356
age: 351187
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 645838725a410ea7-FRA
content-length: 10570
cf-request-id: 09ab019b7800000ea7731a7000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvNDU4MTA1Lzg1NGQwNWU2MjVlZjcxZmU3Njg1ZWIxYTExMmQ4ZDg3LmpwZw.webp
s-img.adskeeper.com/g/6613146/492x328/0x0x492x328/ Frame 7BE7 10 KB
10 KB 13ms
12ms Image
image/webp 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/6613146/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvNDU4MTA1Lzg1NGQwNWU2MjVlZjcxZmU3Njg1ZWIxYTExMmQ4ZDg3LmpwZw.webp?v=1619360514-k5AEcLjZYmsWi4EgyFVoRFpIF3okFVJkZuv8MzbhOrE
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2b3b0acc55f536e7706c24d1537a3fd13eaa007809f8b468336dbf20704de4e

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:54 GMT
cf-cache-status: HIT
last-modified: Wed, 21 Apr 2021 12:47:40 GMT
x-mg-request-uuid: 73e953ca-61f7-4218-acb5-e252a1c13356
age: 351187
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 645838727a670ea7-FRA
content-length: 10570
cf-request-id: 09ab019b8b00000ea76132b000000001
server: cloudflare

GET
H2 200 i.js Show response
cm.adskeeper.com/ Frame 7BE7 19 B
263 B 100ms
100ms Script
application/javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?&cbuster=1619360514955792780257
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:55 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: eaf15edc-dd37-46e9-a88f-10009186935b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 645838727a6d0ea7-FRA
cf-request-id: 09ab019b8d00000ea7c3a92000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame 0A3E 19 B
151 B 100ms
99ms Script
application/javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1619360514959600213483
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:55 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 2f4bb593-a5a6-4fbc-9f9c-7e0d11d9b5a5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 645838728a830ea7-FRA
cf-request-id: 09ab019b9200000ea7f91aa000000001
server: cloudflare

GET
H2 200 i.js Show response
cm.adskeeper.com/ Frame 012B 19 B
252 B 80ms
79ms Script
application/javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?&cbuster=1619360515031326481215
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:55 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 81975e42-a192-40b9-bcd6-011b3265e208
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64583872fb820ea7-FRA
cf-request-id: 09ab019bd900000ea765b16000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame AB75 19 B
305 B 112ms
112ms Script
application/javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1619360515035148935451
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:55 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: ac635af7-b8e1-4559-ac0a-51507a2501cc
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64583872fb9a0ea7-FRA
cf-request-id: 09ab019bdd00000ea7c0073000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvNDU4MTA1Lzg1NGQwNWU2MjVlZjcxZmU3Njg1ZWIxYTExMmQ4ZDg3LmpwZw.webp
s-img.adskeeper.com/g/6613146/492x277/0x0x492x328/ Frame 012B 9 KB
9 KB 16ms
16ms Image
image/webp 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/6613146/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvNDU4MTA1Lzg1NGQwNWU2MjVlZjcxZmU3Njg1ZWIxYTExMmQ4ZDg3LmpwZw.webp?v=1619360514-0_oR1UYdzTW-sVC4OEhVlPENTZEDYTqvI5Kn2BLETiE
Requested by: Host: shrinke.me
URL: https://shrinke.me/jqQsFKb2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 882af3edd788babf59bdb32712ee58f8d5d2dbeccbc9db76b214748edbf340aa

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:55 GMT
cf-cache-status: HIT
last-modified: Wed, 21 Apr 2021 12:48:31 GMT
x-mg-request-uuid: dc6d1d7f-3533-4b18-815e-44c1877e0855
age: 205632
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 64583872fb9e0ea7-FRA
content-length: 9098
cf-request-id: 09ab019bde00000ea7ad222000000001
server: cloudflare

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
140 B 55ms
54ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=106&profileId=185&av=33&wv=4.36.0&cb=25537260975
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Sun, 25 Apr 2021 14:21:55 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
172 B 152ms
57ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Sun, 25 Apr 2021 14:21:55 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?rnd=0.13504013089413158&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%...
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.13504013089413158&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=h...

440 B
852 B

54ms
53ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.13504013089413158&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&r=pbjs&pbv=4.36.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&gdpr=1&gdprcs=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 2ffa26be74b68c9aac1d41cd223fef5327961ba18315d5bb9718513c59133bf2

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:55 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://shrinke.me
expires: Sun, 25 Apr 2021 14:21:55 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 440
x-sid: AMS-749

Redirect headers

date: Sun, 25 Apr 2021 14:21:55 GMT
server: openresty
access-control-allow-origin: https://shrinke.me
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.13504013089413158&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&r=pbjs&pbv=4.36.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FjqQsFKb2&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-749

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 613 B
992 B 99ms
99ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

nginx/1.17.9 /

Resource Hash

d4fccfdfd4a3ef215d85153ce91e8fa9ee25b1ae22eb914f1d6ee433e4908e03

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 25 Apr 2021 14:21:55 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 196.247.180.156; 196.247.180.156; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.59:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5c28d9de-a030-4856-a696-56e219b5e6ec
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://shrinke.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
505 B 221ms
220ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Apr 2021 14:21:55 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://shrinke.me
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aWt6n%2FHzZwXENzHccr%2BYGcTDYGkyDfwB6scfQKM0BPurxmjxnz%2BF%2BbUy27Q%2B2Q1gXHvk44ipluDPCgQFTJsngt7UjNKwzSr3wqMyKd3VKoL6LN9pppP94MTw6%2FffJaPlGw%3D%3D"}]}
access-control-allow-credentials: true
cf-ray: 64583875fb692b16-FRA
cf-request-id: 09ab019dbb00002b166b224000000001

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
258 B 163ms
162ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Sun, 25 Apr 2021 14:21:55 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 38
vary: origin

POST
H2 204 events
bidder.criteo.com/csm/ 0
140 B 54ms
54ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://shrinke.me
date: Sun, 25 Apr 2021 14:21:54 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 vi-logo.svg
assets.vlitag.com/media/icon/ 11 KB
3 KB 22ms
22ms Image
image/svg+xml 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/media/icon/vi-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1063191
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ab019e9e0000d725dd304000000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
etag: W/"5dbbbcf1-2c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lYpkSfJq69oEgvtSCfcUSDDVC2g0dhec4ThiN0OxlnUkOhWZ%2BpabOKJmcsjrZibR4R%2FqJWcp1bCM81TFIVGvO51aibZEza9oZvOf56%2Br23wXsUpH6LGJLgvFtXv5%2FA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 6458387768cad725-FRA

GET
H2 200 c
c.adskeeper.com/ Frame 618D 43 B
383 B 51ms
51ms Image
image/gif 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?f=1&pv=3&v=314|94|12|QiaxRGx-GXRQKQaEMatAsBS2PEWL2vZ9ZyXynU96TrW7T8ggQGvnfhBXQp7qlrd4&fw=1&extjs=66044&cid=1062925&h2=vlJ0RdnMYFlD0pCQy6adPs14DNLDSCaIe2P3aOlx5_w*&rid=95fe5735-a5d1-11eb-97b2-d094662c1c35&tt=Direct&iv=11&pageImp=1&cbuster=1619360516054760483782&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:56 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 209a1262-9513-44a2-afa2-b54b7a781d30
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 645838795e4f0ea7-FRA
cf-request-id: 09ab019fd800000ea7e69cb000000001
server: cloudflare

GET
H2 200 c
c.adskeeper.com/ Frame 7BE7 43 B
154 B 60ms
60ms Image
image/gif 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?f=1&pv=3&v=314|94|12|QiaxRGx-GXRQKQaEMatAsBS2PEWL2vZ9ZyXynU96TrW7T8ggQGvnfhBXQp7qlrd4&fw=1&extjs=66044&cid=1062925&h2=vlJ0RdnMYFlD0pCQy6adPs14DNLDSCaIe2P3aOlx5_w*&rid=960e4895-a5d1-11eb-856c-d094662c24f7&tt=Direct&iv=11&pageImp=0&cbuster=1619360516072925831526&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:56 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 4358e6fa-cb26-40ca-979f-a344ffb480e0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 645838797e7c0ea7-FRA
cf-request-id: 09ab019fea00000ea7df024000000001
server: cloudflare

GET
H2 200 c
c.adskeeper.com/ Frame 012B 43 B
153 B 59ms
59ms Image
image/gif 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?f=1&pv=3&v=294|230|12|-htVFpbtJgeateH-MvfCaBG6ER49OzSkG_DW2uNymM2EKIQkY-Av24xs4iZvMcSf&fw=1&extjs=66044&cid=992723&h2=vlJ0RdnMYFlD0pCQy6adPs14DNLDSCaIe2P3aOlx5_w*&rid=96133470-a5d1-11eb-94b7-d094662f8ab5&tt=Direct&iv=11&pageImp=0&cbuster=1619360516159323697824&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:56 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3b18b4fd-ed1b-4ab7-8fcd-e4d7e6e537ce
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6458387a0f3e0ea7-FRA
cf-request-id: 09ab01a04100000ea7b8127000000001
server: cloudflare

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame A5E6 38 KB
14 KB 150ms
52ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://shrinke.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137160
Expires: Tue, 27 Apr 2021 04:27:56 GMT
Date: Sun, 25 Apr 2021 14:21:56 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6AB6 52 KB
17 KB 144ms
45ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://shrinke.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 21 Apr 2021 04:57:41 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 25 Apr 2021 14:21:56 GMT
Age: 33847
X-Served-By: cache-lga21951-LGA, cache-fra19160-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 244744
X-Timer: S1619360517.962848,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame A060 38 KB
14 KB 163ms
70ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://shrinke.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137160
Expires: Tue, 27 Apr 2021 04:27:56 GMT
Date: Sun, 25 Apr 2021 14:21:56 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame EA5F 52 KB
17 KB 136ms
45ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://shrinke.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 21 Apr 2021 04:57:41 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 25 Apr 2021 14:21:56 GMT
Age: 33847
X-Served-By: cache-lga21951-LGA, cache-fra19148-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 234876
X-Timer: S1619360517.992290,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A5E6 6 KB
6 KB 197ms
47ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=12135408&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f0e68b825d77350035fa3893c9a26592f875935b2087237ea519a3035cda46aa

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:21:55 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 pubmatic Show response
d5p.de17a.com/getuid/ Frame E1B4 35 B
134 B 188ms
58ms Document
image/gif 213.155.156.169
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.169 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method: GET
:authority: d5p.de17a.com
:scheme: https
:path: /getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame B017 43 B
304 B 163ms
53ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Sun, 25 Apr 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1493
date: Sun, 25 Apr 2021 14:21:56 GMT
content-length: 43

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame ECD3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6955100460957169805

42 B
771 B

212ms
52ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6955100460957169805
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; chkChromeAb67Sec=1; DPSync3=1620518400%3A201_227_226_221; SyncRTB3=1621900800%3A203%7C1620518400%3A3_8_204_81_189_21_56_71_222_166_230_161_165_88_13_231_176_220_54_7_22_55_99%7C1619913600%3A67_2_223_15%7C1620172800%3A63%7C1620604800%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 25 Apr 2021 14:21:57 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6955100460957169805; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 25-May-2021 14:21:57 GMT; path=/ PugT=1619360517; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 25-May-2021 14:21:57 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 24-Jul-2021 14:21:57 GMT; path=/
X-lat: lhrpug010:0:403
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Sun, 25 Apr 2021 14:21:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6955100460957169805; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6955100460957169805

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 9048
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBOTVFN0JDdllBQUNuNnVRLTgtZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA95E7BCvYAACn6uQ-8-g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...

43 B
163 B

1437ms
54ms

Document
image/gif

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA95E7BCvYAACn6uQ-8-g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host: rtb-csync.smartadserver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sun, 25 Apr 2021 14:21:59 GMT
content-type: image/gif
transfer-encoding: chunked

Redirect headers

Date: Sun, 25 Apr 2021 14:21:57 GMT
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA95E7BCvYAACn6uQ-8-g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 7EAF 43 B
408 B 143ms
46ms Document
image/gif 63.251.232.170
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Sun, 25 Apr 2021 14:21:57 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-2
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 52FC
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GNGLaQ9Bjpt9bqeCQaVOWs3d

42 B
775 B

409ms
52ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GNGLaQ9Bjpt9bqeCQaVOWs3d
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; chkChromeAb67Sec=1; DPSync3=1620518400%3A201_227_226_221; SyncRTB3=1621900800%3A203%7C1620518400%3A3_8_204_81_189_21_56_71_222_166_230_161_165_88_13_231_176_220_54_7_22_55_99%7C1619913600%3A67_2_223_15%7C1620172800%3A63%7C1620604800%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 25 Apr 2021 14:21:57 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-GNGLaQ9Bjpt9bqeCQaVOWs3d; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 25-May-2021 14:21:57 GMT; path=/ PugT=1619360517; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 25-May-2021 14:21:57 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 24-Jul-2021 14:21:57 GMT; path=/
X-lat: lhrpug013:0:484
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Sun, 25 Apr 2021 14:21:57 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=GNGLaQ9Bjpt9bqeCQaVOWs3d; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GNGLaQ9Bjpt9bqeCQaVOWs3d
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame D175
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4092331111
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4092331111
https://sync.1rx.io/usersync/tradedesk/52709101-6493-4390-8395-6b3dad330a0c
https://sync.targeting.unrulymedia.com/csync/RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003

42 B
849 B

53ms
53ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; chkChromeAb67Sec=1; DPSync3=1620518400%3A201_227_226_221; SyncRTB3=1621900800%3A203%7C1620518400%3A3_8_204_81_189_21_56_71_222_166_230_161_165_88_13_231_176_220_54_7_22_55_99%7C1619913600%3A67_2_223_15%7C1620172800%3A63%7C1620604800%3A35; KRTBCOOKIE_1101=23040-6955100460957169805; PUBMDCID=3; KRTBCOOKIE_377=6810-52709101-6493-4390-8395-6b3dad330a0c&KRTB&22918-52709101-6493-4390-8395-6b3dad330a0c&KRTB&23031-52709101-6493-4390-8395-6b3dad330a0c; KRTBCOOKIE_409=22966-GNGLaQ9Bjpt9bqeCQaVOWs3d; KRTBCOOKIE_80=16514-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&22987-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&23025-CAESEEboTP4qheG0fa8Sc3cNjKI; KRTBCOOKIE_57=22776-4372523012132661581; KRTBCOOKIE_153=1923-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&19420-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&22979-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD; KRTBCOOKIE_22=14911-3390226349094122265; KRTBCOOKIE_1074=22956-e_18fef936-3833-4b35-b9b4-775525238483; PugT=1619360518
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 25 Apr 2021 14:21:58 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_594=17105-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003&KRTB&17107-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 24-Jul-2021 14:21:58 GMT; path=/ PugT=1619360518; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 25-May-2021 14:21:58 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 24-Jul-2021 14:21:58 GMT; path=/
X-lat: lhrpug018:0:462
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Sun, 25 Apr 2021 14:21:58 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003%22%7D; path=/; expires=Mon, 25 Apr 2022 14:21:58 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003
etag: RXd7a32aa3b3a445658cc15046636bace1003

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 4960 42 B
1 KB 57ms
34ms Document
image/gif 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
content-type: image/gif
content-length: 42
set-cookie: __cfduid=dc03976fc13abbf4217ac781684e28fa01619360517; expires=Tue, 25-May-21 14:21:57 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 09ab01a47200004a8b2426d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64583880bbd24a8b-FRA

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 04EC
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
445 B

191ms
184ms

Document
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=asnoeUxZduBnRApTpqhIhcdOq3PQtP1aEfYhvG0Fq
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
content-type: image/gif; charset=utf-8
content-length: 43
set-cookie: __cfduid=d9c6cd11e9af9e60a4d37ecaf56bdc55a1619360517; expires=Tue, 25-May-21 14:21:57 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aqnseFmMZaE9DXqwmyCTJD47WTZcYYwSQQbeDpQ5oTZcsAT5STZcFX3oAiDJRQPqu0lHg0kfrlyZcHS4dQFIV87iW; path=/; domain=.tribalfusion.com; expires=Sat, 24-Jul-2021 14:21:57 GMT; SameSite=None; Secure; ANON_ID_old=aqnseFmMZaE9DXqwmyCTJD47WTZcYYwSQQbeDpQ5oTZcsAT5STZcFX3oAiDJRQPqu0lHg0kfrlyZcHS4dQFIV87iW; path=/; domain=.tribalfusion.com; expires=Sat, 24-Jul-2021 14:21:57 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 09ab01a51b0000dfbba7882000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64583881ce9adfbb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sun, 25 Apr 2021 14:21:57 GMT
content-type: text/html
set-cookie: __cfduid=d9c6cd11e9af9e60a4d37ecaf56bdc55a1619360517; expires=Tue, 25-May-21 14:21:57 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=asnoeUxZduBnRApTpqhIhcdOq3PQtP1aEfYhvG0Fq; path=/; domain=.tribalfusion.com; expires=Sat, 24-Jul-2021 14:21:57 GMT; SameSite=None; Secure; ANON_ID_old=asnoeUxZduBnRApTpqhIhcdOq3PQtP1aEfYhvG0Fq; path=/; domain=.tribalfusion.com; expires=Sat, 24-Jul-2021 14:21:57 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 160
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 09ab01a46f0000dfbb8bbf3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64583880bca7dfbb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9BB0
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=AmeLL9b3y1kv&pid=557219

1 B
463 B

55ms
55ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=AmeLL9b3y1kv&pid=557219
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; KRTBCOOKIE_1101=23040-6955100460957169805; PUBMDCID=3; KRTBCOOKIE_377=6810-52709101-6493-4390-8395-6b3dad330a0c&KRTB&22918-52709101-6493-4390-8395-6b3dad330a0c&KRTB&23031-52709101-6493-4390-8395-6b3dad330a0c; KRTBCOOKIE_409=22966-GNGLaQ9Bjpt9bqeCQaVOWs3d; KRTBCOOKIE_80=16514-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&22987-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&23025-CAESEEboTP4qheG0fa8Sc3cNjKI; KRTBCOOKIE_57=22776-4372523012132661581; KRTBCOOKIE_153=1923-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&19420-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&22979-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD; KRTBCOOKIE_22=14911-3390226349094122265; KRTBCOOKIE_1074=22956-e_18fef936-3833-4b35-b9b4-775525238483; KRTBCOOKIE_594=17105-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003&KRTB&17107-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003; KRTBCOOKIE_218=22978-YIV7BgAAcHNz9AAC&KRTB&23194-YIV7BgAAcHNz9AAC&KRTB&23209-YIV7BgAAcHNz9AAC&KRTB&23244-YIV7BgAAcHNz9AAC; PugT=1619360519; SPugT=1619360518; chkChromeAb67Sec=2; DPSync3=1620518400%3A201_227_226_221_219_197_232%7C1619395200%3A174; SyncRTB3=1621900800%3A203%7C1624492800%3A69%7C1620604800%3A35%7C1620518400%3A7_5_57_13_233_189_81_161_165_220_104_8_231_222_176_54_204_56_71_22_55_78_21_166_230_88_99_3%7C1619913600%3A15_67_223_2%7C1620172800%3A63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 25 Apr 2021 14:22:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 24-Jul-2021 14:22:00 GMT; path=/
X-lat: lhrpug006:0:456
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-7c488d4f5b-bknrw
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=AmeLL9b3y1kv&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=f4a4bda12009a775; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame C0CD
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3ccae2d8-3681-4e9d-9106-c1c0ca321477-tuct77f0087&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
147 B

3204ms
78ms

Document
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3ccae2d8-3681-4e9d-9106-c1c0ca321477-tuct77f0087&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3ccae2d8-3681-4e9d-9106-c1c0ca321477-tuct77f0087&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=3ccae2d8-3681-4e9d-9106-c1c0ca321477-tuct77f0087
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Sun, 25 Apr 2021 14:22:03 GMT
via: 1.1 varnish
x-served-by: cache-fra19149-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1619360523.107176,VS0,VE9
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=3ccae2d8-3681-4e9d-9106-c1c0ca321477-tuct77f0087;Version=1;Path=/;Domain=.taboola.com;Expires=Mon, 25-Apr-2022 14:21:59 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3ccae2d8-3681-4e9d-9106-c1c0ca321477-tuct77f0087&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Sun, 25 Apr 2021 14:21:59 GMT
via: 1.1 varnish
x-served-by: cache-hhn11547-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1619360520.903228,VS0,VE9
x-vcl-time-ms: 9
content-length: 0

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame D8A8 0
44 B 1410ms
129ms Document
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Sun, 25 Apr 2021 14:21:58 GMT
server: a

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A5E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lXzuiXQCTIyBpqaj8LyNFg%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lXzuiXQCTIyBpqaj8LyNFg%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

48ms
47ms

Image
text/html

184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:21:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=56131
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Mon, 26 Apr 2021 05:57:28 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame A5E6 95 B
596 B 286ms
265ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 64583880ad794a67-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ab01a46c00004a67bf10b000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame A5E6
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

69ms
69ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:55 GMT
frontend-id: 11
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:55 GMT
frontend-id: 10
location: /pubmatic/1/info2?sType=sync&sExtCookieId=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame A5E6
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&addseg=21

7 B
147 B

398ms
50ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&addseg=21
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:21:57 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Sun, 25 Apr 2021 14:21:57 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&addseg=21
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame A5E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTU3Q0VFODktNzQwMi00QzhDLTgxQTYtQTZBM0YwQkM4RDE2&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTU3Q0VFODktNzQwMi00QzhDLTgxQTYtQTZBM0YwQkM4RDE2&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

319ms
52ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:21:57 GMT
X-lat: lhrpug013:0:318
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame A5E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEboTP4qheG0fa8Sc3cNjKI&google_cver=1

42 B
855 B

370ms
52ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEboTP4qheG0fa8Sc3cNjKI&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:21:57 GMT
X-lat: lhrpug019:0:424
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEboTP4qheG0fa8Sc3cNjKI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame A5E6 43 B
609 B 178ms
55ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 24 Apr 2021 14:21:57 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame A5E6
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=52709101-6493-4390-8395-6b3dad330a0c

42 B
882 B

54ms
53ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=52709101-6493-4390-8395-6b3dad330a0c
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:21:57 GMT
X-lat: lhrpug012:0:473
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:57 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=52709101-6493-4390-8395-6b3dad330a0c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame A5E6
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5912255990128083827

42 B
801 B

53ms
53ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5912255990128083827
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:22:01 GMT
X-lat: lhrpug011:0:493
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:22:01 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5912255990128083827
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame A5E6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2b916085-7b09-4f00-8718-f43fb5875f90&gdpr=0&gdpr_consent=

42 B
946 B

72ms
53ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2b916085-7b09-4f00-8718-f43fb5875f90&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:22:01 GMT
X-lat: lhrpug012:0:456
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Sun, 25 Apr 2021 14:22:01 GMT
Server: MT3 3660 495c301 master zrh-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2b916085-7b09-4f00-8718-f43fb5875f90&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 25 Apr 2021 14:22:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame A5E6
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4372523012132661581&gdpr=0&gdpr_consent=

42 B
769 B

315ms
52ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4372523012132661581&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:21:57 GMT
X-lat: lhrpug012:0:394
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:57 GMT
X-Proxy-Origin: 196.247.180.156; 196.247.180.156; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.230:80
AN-X-Request-Uuid: 5c03ffd4-c94f-4480-b625-f67e23bd7ef8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4372523012132661581&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 957CEE89-7402-4C8C-81A6-A6A3F0BC8D16
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A5E6 43 B
836 B 212ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/957CEE89-7402-4C8C-81A6-A6A3F0BC8D16?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame A5E6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-tZlYEbhE2uXghP9XTDjCer9RbG7WqgA-~A&gdpr=0&gdpr_consent=

0
587 B

200ms
49ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-tZlYEbhE2uXghP9XTDjCer9RbG7WqgA-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Sun, 25 Apr 2021 14:22:01 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Sun, 25 Apr 2021 14:22:01 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-tZlYEbhE2uXghP9XTDjCer9RbG7WqgA-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET

bum
ums.acuityplatform.com/ Frame A5E6
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ums.acuityplatform.com/bum?tpid=29&uid=4270a6dd-24ab-49c4-b828-fabdea5b287d&bidswitch_ssp_id=pubmatic

0
0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame A5E6
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD

42 B
894 B

104ms
53ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:21:57 GMT
X-lat: lhrpug019:0:420
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame A5E6
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3390226349094122265&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

53ms
52ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3390226349094122265&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:21:57 GMT
X-lat: lhrpug015:0:439
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3390226349094122265&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 25 Apr 2021 14:21:57 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame A5E6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIV7BgAAcHNz9AAC&gdpr=0&gdpr_consent=&_test=YIV7BgAAcHNz9AAC

1 B
809 B

53ms
52ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIV7BgAAcHNz9AAC&gdpr=0&gdpr_consent=&_test=YIV7BgAAcHNz9AAC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:21:59 GMT
X-lat: lhrpug019:0:429
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:59 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619360519.070910,VS0,VE0
x-served-by: cache-hhn4064-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIV7BgAAcHNz9AAC&gdpr=0&gdpr_consent=&_test=YIV7BgAAcHNz9AAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame A5E6
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fc01e25a-24e2-4353-a7fc-4bcd18f341af&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

53ms
53ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fc01e25a-24e2-4353-a7fc-4bcd18f341af&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:21:58 GMT
X-lat: lhrpug007:0:457
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fc01e25a-24e2-4353-a7fc-4bcd18f341af&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sun, 25 Apr 2021 14:21:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame A5E6
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
760 B

56ms
55ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:22:01 GMT
X-lat: lhrpug018:0:536
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:22:00 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame A5E6 0
104 B 93ms
65ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:57 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame A5E6
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4372523012132661581

42 B
505 B

52ms
52ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4372523012132661581
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:21:59 GMT
X-lat: lhrpug018:0:293
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:59 GMT
X-Proxy-Origin: 196.247.180.156; 196.247.180.156; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.155:80
AN-X-Request-Uuid: 25f2bdf5-d6b3-489f-88f9-7b4a10470ac8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4372523012132661581
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame A5E6
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_18fef936-3833-4b35-b9b4-775525238483

42 B
790 B

53ms
52ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_18fef936-3833-4b35-b9b4-775525238483
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:21:58 GMT
X-lat: lhrpug005:0:723
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_18fef936-3833-4b35-b9b4-775525238483
date: Sun, 25 Apr 2021 14:21:58 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 461E 3 KB
1 KB 136ms
126ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fce249dc538400f4cffaf6ac942fc1e3bcf2fbbc8a051911f48feccf1628d53

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=896ad582-406f-4372-946c-6b1076ff516a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
content-type: text/html
set-cookie: __cfduid=d12cb3fbe514436b7959d44336f20cf3f1619360517; expires=Tue, 25-May-21 14:21:57 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=896ad582-406f-4372-946c-6b1076ff516a; expires=Sat, 15 May 2021 14:21:57 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 09ab01a57b00002b16b9808000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F6Sjc6LVAfMlXo5ldLy3xpSt3fg9P7XQqV7qFnop8oBbhUqvqP2Fa%2BHrWkRkH1ctZD%2ByipPPFeCaPrxliaMvTO6UU6vQm6uq8BenzTzQ6ks8LF3yLHGD0F6ou3vdsqw%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 645838825ae82b16-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame FEAF 3 KB
939 B 139ms
129ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78de4ee14f596358de8f72b916db1501fa167d53e6c58b9c437e7cc6320718c5

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=896ad582-406f-4372-946c-6b1076ff516a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
content-type: text/html
set-cookie: __cfduid=d12cb3fbe514436b7959d44336f20cf3f1619360517; expires=Tue, 25-May-21 14:21:57 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=896ad582-406f-4372-946c-6b1076ff516a; expires=Sat, 15 May 2021 14:21:57 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 09ab01a57c00002b16c5ae8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K%2FvOtHue2xqDm3t9NbPVvRSf09mnRTKsK0C2XSd%2F5KtaA1exSmCUY0tqZoDIofS6v4gZSgGeNREyvmLgwv1%2Bu7dI1HAT%2FWR%2BY7r%2FRmU3zC4d3L90NQXz5RZPFE1wmzY%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 645838825ae92b16-FRA
content-encoding: br

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6AE5 52 KB
17 KB 45ms
45ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://shrinke.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=4372523012132661581
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 21 Apr 2021 04:57:41 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 25 Apr 2021 14:21:57 GMT
Age: 33847
X-Served-By: cache-lga21951-LGA, cache-fra19148-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 234879
X-Timer: S1619360518.512303,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 / Show response
spl.zeotap.com/ Frame 4E5F 8 KB
2 KB 2288ms
2287ms Document
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a7dff6564eee8c6917ec0f21fd32779b889473bcbae3faa605babe07f8799b9

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

date: Sun, 25 Apr 2021 14:21:59 GMT
content-type: text/html
set-cookie: __cfduid=deed897292cfc47eec2e5d425bf78df8b1619360517; expires=Tue, 25-May-21 14:21:57 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=45bc044f-7254-4c4c-5294-d0f744d04a72; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=b%94t%8F%F4%E5%0E%26H%25%CD%810H%DAH%1Ed%C5%17%95%D2%EAU%B9r%7C%F18E%FC%E9S%81%BB%3Az%3B%9Dk.%21%2C%AD%D3%8A%01%FD%BD%B3s%8E%86%DE%E0%BA%8D%14%ED%01%BCB_%15%08_%12%DB%C6%5B%FF%D8%8Cb%5C%AA%7B%5E%90S%FB%DCOM%DC%F9%E7%08%8E%2B%5B%D6%3B%DB%03s%85%C3%9E%16%28%F8I%3F%04%9D%B8%C4+%B5%84%3C%87%23b%8A%DFB%AD%F6u%9A%0F%C7+%EF%1A%8A%BApQ%AC%8C%D3%A4%3Du%22%EE%C8%96%0F%B1x%84B%DDKv%5BH%DC%C6%261%97%2C%E8%AA%C6%7B%EC%96%FD%A4g%E5%DB; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://shrinke.me
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 09ab01a57400004a67891f5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6458388258cc4a67-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 4B45 3 KB
981 B 135ms
128ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24393e4ab524485985b37a2140ada63ca13ad133ac0461708029f96ad673a7ac

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=896ad582-406f-4372-946c-6b1076ff516a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
content-type: text/html
set-cookie: __cfduid=d12cb3fbe514436b7959d44336f20cf3f1619360517; expires=Tue, 25-May-21 14:21:57 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=896ad582-406f-4372-946c-6b1076ff516a; expires=Sat, 15 May 2021 14:21:57 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 09ab01a57c00002b1665144000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZZIf7vbyU7UrlwuS5tx4VHqQegueQ6wEv%2FynDEc7bg%2BZnh510hY7A%2F%2Bj8V6YW7FIPZlDnSttkVJH3g2hrgazJ3AX%2FdbAKQ5MkWr8vuRYoyCJEO3v9sXOJoFjGgMW9E0%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 645838826aee2b16-FRA
content-encoding: br

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9E37 52 KB
17 KB 45ms
45ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://shrinke.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=4372523012132661581
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 21 Apr 2021 04:57:41 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 25 Apr 2021 14:21:57 GMT
Age: 33847
X-Served-By: cache-lga21951-LGA, cache-fra19160-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 244747
X-Timer: S1619360518.515196,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 535B 52 KB
17 KB 90ms
45ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://shrinke.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=4372523012132661581
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 21 Apr 2021 04:57:41 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 25 Apr 2021 14:21:57 GMT
Age: 33847
X-Served-By: cache-lga21951-LGA, cache-fra19148-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 234881
X-Timer: S1619360518.565092,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

setuid
sync.quantumdex.io/ Frame 461E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4372523012132661581

43 B
349 B

129ms
129ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4372523012132661581
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ID5dXKOlvI0KawHjvVtQpLVuFmJ8QJNKLGZ4PNzaSyA6gO%2Fcvo5OIvi4WMnt1CPCZn3Kww3PS0lVCpCdF9Uxmx5Uu068UM%2BB8ylsq1xIMzYUDVPQyu0YCR5wCvf8CQc%3D"}]}
content-type: image/gif
cf-ray: 645838840e7e2b16-FRA
content-length: 43
cf-request-id: 09ab01a68200002b1687925000000001

Redirect headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:57 GMT
X-Proxy-Origin: 196.247.180.156; 196.247.180.156; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.139:80
AN-X-Request-Uuid: 61da1c5e-7bc8-4d4c-8b74-b978b953dfbb
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4372523012132661581
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 461E 0
474 B 1362ms
47ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:59 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 461E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-hKPeDsFE2uEcFS3YgGs_vLU5Wa0rNHFMgLz8jj8-~A

43 B
455 B

128ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-hKPeDsFE2uEcFS3YgGs_vLU5Wa0rNHFMgLz8jj8-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:01 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=el7ZcgrUee759kqSe6UbpzmXPq91vt%2BOtxErv3demCv5XN4cGbkNOmKngTzhJ4hnr3yQqHoX9cq9F5NSNriUbIqCmuLc8ZCkiCev0iKf3JP%2F65CbMmBDn%2BUEfp1tyNM%3D"}]}
content-type: image/gif
cf-ray: 64583898dc662b16-FRA
content-length: 43
cf-request-id: 09ab01b38a00002b1695994000000001

Redirect headers

Date: Sun, 25 Apr 2021 14:22:01 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-hKPeDsFE2uEcFS3YgGs_vLU5Wa0rNHFMgLz8jj8-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 461E
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1...
https://prebid.a-mo.net/cchain/0?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=4372523012132661581
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlc...
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlc...
https://prebid.a-mo.net/cchain/1?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=a01746c17bf450a20a175419
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW...
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW...
https://prebid.a-mo.net/cchain/2?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YIV7BiHkCnaPmZUel-IbcwAA%...
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=55b0e06f-8320-4449-8f62-c63ee125d7c7

43 B
328 B

128ms
128ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=55b0e06f-8320-4449-8f62-c63ee125d7c7
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:58 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DHUtHjERsOY1K8gj66ue44qAQucxQIOcuzP9JScQZMPRhXJapiqBFZfSJvkEpDlAJcjklZyH%2Bz632wmEN4KIpWdTqHmLv%2FZAG4Sl%2BdlT8n09Vt%2FgC3ELiDNByI1F7Qg%3D"}]}
content-type: image/gif
cf-ray: 6458388a9a2c2b16-FRA
content-length: 43
cf-request-id: 09ab01aa9a00002b16d3983000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=55b0e06f-8320-4449-8f62-c63ee125d7c7
date: Sun, 25 Apr 2021 14:21:57 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 461E
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c5c96a32e47fba34d89ee951

43 B
436 B

129ms
129ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c5c96a32e47fba34d89ee951
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:58 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yrPu%2F4zKlq7JOcsAWoSBk4w0NYIDE9BZ%2F1XvQ7IrhoiLicPzoz%2F7rHqAj%2BFe1qLbrzbKQE1Lr4qIJ7hd7N4ABl7UzRJpj6iGJ0FQQFahpdWGr%2BRFncPy8XhVNMwjbbI%3D"}]}
content-type: image/gif
cf-ray: 645838872bcc2b16-FRA
content-length: 43
cf-request-id: 09ab01a87700002b16c5b26000000001

Redirect headers

Date: Sun, 25 Apr 2021 14:21:58 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c5c96a32e47fba34d89ee951
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 461E
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=5dd0cd97-84ae-5273-93eb-ac5bf36ed75c

43 B
451 B

126ms
125ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=5dd0cd97-84ae-5273-93eb-ac5bf36ed75c
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:59 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eEzejrDVqmQ838hA68gmpkkk2j6h7waccez2K%2BD6v1xgxIMly0Re7QSXiJubcArEzvs7htJHHOSkPKzkhZiZizDmFlxtFh7OqfvILWli7M3yiGzFRWlq6gQwUaSfLaU%3D"}]}
content-type: image/gif
cf-ray: 6458388cae452b16-FRA
content-length: 43
cf-request-id: 09ab01abed00002b16a126a000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=5dd0cd97-84ae-5273-93eb-ac5bf36ed75c
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 461E
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c2a3a022-b19b-42d5-8a2c-49ac6dfc0275

43 B
325 B

125ms
125ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c2a3a022-b19b-42d5-8a2c-49ac6dfc0275
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BWT8VzLjKbf74U1hT8Ulb5d4cm9vGt4Ebhwq7wx63%2BKAYv8bVx4nHRQQp3KJqhldxyK0JvHlSep8%2F8WdevMlqt04oqnni7GyM4G9xItiD1OmfHJmBfimog%2B7Bl%2BEzsc%3D"}]}
content-type: image/gif
cf-ray: 645838847f3a2b16-FRA
content-length: 43
cf-request-id: 09ab01a6c700002b16a120e000000001

Redirect headers

date: Sun, 25 Apr 2021 14:21:57 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LlP%2BWzdFT7TEvDnlDfvwAgGLwTICZFnpvOaiUmw2oedimi9xy2aX7GnPp9K9UFGx%2B5u1daUjVvlnm49o%2FxFnI2wsEMoJ7N9hUiAFMPmPGfX5k7ACRk%2BiZPATZsQX"}]}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c2a3a022-b19b-42d5-8a2c-49ac6dfc0275
cf-ray: 645838839d852b16-FRA
content-length: 0
cf-request-id: 09ab01a64900002b16d0a19000000001

GET
H2

200

setuid
sync.quantumdex.io/ Frame 461E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4372523012132661581

43 B
332 B

129ms
128ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4372523012132661581
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rYYQLQhbkI2ydkOwP5ki9xgYp5GcJBe4mMpcCigGMsP6eTFeTHFx6mw0P30o1edgeZ7bWKbUSZjtyjPhs8Zx2PYvhaZRyDVV7cOi2nkZCZ0FC5D8ncBS8jXkL9NSgyg%3D"}]}
content-type: image/gif
cf-ray: 64583883de1a2b16-FRA
content-length: 43
cf-request-id: 09ab01a66700002b16b09e6000000001

Redirect headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:57 GMT
X-Proxy-Origin: 196.247.180.156; 196.247.180.156; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.87:80
AN-X-Request-Uuid: 276d4ca0-0fce-46ae-a345-4ff8c38b6db2
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4372523012132661581
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

sync
ups.analytics.yahoo.com/ups/58425/ Frame 461E
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9c209138-a5d1-11eb-8f93-0282db67f25c

0
0

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame AFAB 43 B
551 B 1216ms
47ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Sun, 25 Apr 2021 14:21:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YIV7C; path=/; domain=.go.sonobi.com

GET d
ic.tynt.com/r/ Frame 3228 0
0

GET
H/1.1

200
OK

Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 6392
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

2 KB
3 KB

65ms
61ms

Document
text/html

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YIV7DeDwgsEJPi0FVcEIXQAA; CMPS=1121
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|39|230|241|90|218|81|46
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1754
Expires: Sun, 25 Apr 2021 14:22:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 25 Apr 2021 14:22:05 GMT
Connection: keep-alive
Set-Cookie: CMID=YIV7DeDwgsEJPi0FVcEIXQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 25 Apr 2022 14:22:05 GMT CMPS=1121;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 24 Jul 2021 14:22:05 GMT CMPRO=1184;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 24 Jul 2021 14:22:05 GMT CMST=YIV7DWCFew0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 26 Apr 2021 14:22:05 GMT CMRUM3=2e60857b0d05a0&2760857b0d0b40&f160857b0d05a0&2d60857b0d05a0&5a60857b0d05a0&da60857b0d27600&e660857b0d27600&5160857b0d05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 25 Apr 2022 14:22:05 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sun, 25 Apr 2021 14:22:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 25 Apr 2021 14:22:05 GMT
Connection: keep-alive
Set-Cookie: CMID=YIV7DeDwgsEJPi0FVcEIXQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 25 Apr 2022 14:22:05 GMT CMPS=1121;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 24 Jul 2021 14:22:05 GMT

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 924C 8 KB
3 KB 54ms
48ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES; KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; chkChromeAb67Sec=1; DPSync3=1620518400%3A201_227_226_221; SyncRTB3=1621900800%3A203%7C1620518400%3A3_8_204_81_189_21_56_71_222_166_230_161_165_88_13_231_176_220_54_7_22_55_99%7C1619913600%3A67_2_223_15%7C1620172800%3A63%7C1620604800%3A35; KRTBCOOKIE_1101=23040-6955100460957169805; PugT=1619360517; PUBMDCID=3; KRTBCOOKIE_377=6810-52709101-6493-4390-8395-6b3dad330a0c&KRTB&22918-52709101-6493-4390-8395-6b3dad330a0c&KRTB&23031-52709101-6493-4390-8395-6b3dad330a0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=56131
Expires: Mon, 26 Apr 2021 05:57:28 GMT
Date: Sun, 25 Apr 2021 14:21:57 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 68AD 3 KB
1 KB 7422ms
69ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e44b149f717f34987294c5b1c6cbe5034e563ce46dc4029fc6c7aef89abeb344

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie: OTP=i9KCB6hRXXb4rOyqXt2TzHG2hYasErm358074HctqAI; path=/; expires=Tue, 25 Apr 2023 14:22:05; domain=onetag-sys.com; SameSite=None; Secure
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET

sync
ups.analytics.yahoo.com/ups/58425/ Frame 4B45
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9c265db0-a5d1-11eb-91cc-065e13ec10f6

0
0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B45
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4372523012132661581

43 B
326 B

137ms
136ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4372523012132661581
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R32enc2KuRwflA55qNZsnT%2B%2Fx6v6Wt7FMZ4lVT8mIQxV8TRCkV9q4H4qHgIBt2Vb6aKx7d4luwDOk6L81Fw%2BgXkq0uxprweHYEEyRGuRV2ghYj5Fh6FPMOS9GrrX2lk%3D"}]}
content-type: image/gif
cf-ray: 645838842eb52b16-FRA
content-length: 43
cf-request-id: 09ab01a69600002b166e9de000000001

Redirect headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:57 GMT
X-Proxy-Origin: 196.247.180.156; 196.247.180.156; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: 5ee1cce3-9998-4fa6-8e12-8c841a03b552
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4372523012132661581
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 4B45 0
474 B 1405ms
47ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:59 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B45
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-IQFaA19E2uExSY29frFUoV8FRDqJXVU_EKGFwKk-~A

43 B
325 B

127ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-IQFaA19E2uExSY29frFUoV8FRDqJXVU_EKGFwKk-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:01 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YcJTLbqBL2kfp14bA7WoIBECnP1Jn44iWreHz6xUVc23%2FeBUF2Zyo0OHf0NozTrE706gYURQoY8B3vwCuBAHpW1c6ZE%2F7TYdhkU3U2Y%2FcMHpFkCzOCWTtj64s0RytdI%3D"}]}
content-type: image/gif
cf-ray: 645838991ccb2b16-FRA
content-length: 43
cf-request-id: 09ab01b3ae00002b16d90f9000000001

Redirect headers

Date: Sun, 25 Apr 2021 14:22:01 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-IQFaA19E2uExSY29frFUoV8FRDqJXVU_EKGFwKk-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B45
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1...
https://prebid.a-mo.net/cchain/0?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=4372523012132661581
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlc...
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlc...
https://prebid.a-mo.net/cchain/1?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=8e228991395c0129856b6dcc
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW...
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW...
https://prebid.a-mo.net/cchain/2?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YIV7Bqj1vbMnkRWo6qyi6QAA%...
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=55b0e06f-8320-4449-8f62-c63ee125d7c7

43 B
457 B

138ms
138ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=55b0e06f-8320-4449-8f62-c63ee125d7c7
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:58 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FW8Ne0mjsFjowZ7Q21imIol%2BWeqaZGdfqZ89qyKch0egnFpQNIi92Jt3Oxl5fNMtVxd7958be7fddCClfCvPj60VzYveZat29w8S1qUhuG84jkWshaUm5eQIvaPG3dU%3D"}]}
content-type: image/gif
cf-ray: 6458388aca852b16-FRA
content-length: 43
cf-request-id: 09ab01aabf00002b16958f3000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=55b0e06f-8320-4449-8f62-c63ee125d7c7
date: Sun, 25 Apr 2021 14:21:58 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B45
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2853452bcc33cd95f9822134

43 B
330 B

138ms
138ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2853452bcc33cd95f9822134
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:58 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h2PusGBiZvdHQfbEZtNSk4MvNpY3hrhSwTSnXo9x5bo54pDkh203QZFwXDYIM7rT5T%2Bg43Kg1jZWI8WLoT%2F%2FE%2FO6L%2BE9wekIWupsjGjsJIoB%2FOGwT7MkAaecUMpt18o%3D"}]}
content-type: image/gif
cf-ray: 645838874bf32b16-FRA
content-length: 43
cf-request-id: 09ab01a88a00002b1672bbd000000001

Redirect headers

Date: Sun, 25 Apr 2021 14:21:58 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2853452bcc33cd95f9822134
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B45
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=5dd0cd97-84ae-5273-93eb-ac5bf36ed75c

43 B
335 B

126ms
126ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=5dd0cd97-84ae-5273-93eb-ac5bf36ed75c
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:59 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RLm2rd%2BiWNv6GmIEWlIpL4H5JBkxe66FyUjckx8WRfnLK9LIpqTJG6PIb7wjvNmbouTbEiD8syYF0iF%2BWIjsk3CoAKeImDzH9eQd9Jg69w27Wwz4TrZ4dKuAwRdWfOk%3D"}]}
content-type: image/gif
cf-ray: 6458388cae462b16-FRA
content-length: 43
cf-request-id: 09ab01abed00002b16912da000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=5dd0cd97-84ae-5273-93eb-ac5bf36ed75c
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B45
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=f8e73af5-692a-4a2e-bb40-d5926831adcc

43 B
572 B

132ms
131ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=f8e73af5-692a-4a2e-bb40-d5926831adcc
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l2nQoi3nvakvMXGbj2aUbR4RuFfFDLGMXreox0SlrMXMeWB6PL%2BMIBcQjvr9CrA1TpxrX5Ys3KbmJE0iitIW8%2FDwlkL%2B5WOZEoVWBG3TvrPbbyE5wb%2BwxME2feLSe1g%3D"}]}
content-type: image/gif
cf-ray: 645838846f242b16-FRA
content-length: 43
cf-request-id: 09ab01a6be00002b169c2f9000000001

Redirect headers

date: Sun, 25 Apr 2021 14:21:57 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ju4HVGKnALAVug5CnRPP68NB7c4%2Fu5K0LXPdfi45jyyl3HxtPjBk7aWJcQOhHInq%2BOGUcAutgRLx4gYGHLvSO6wlNgO4VgaGwy7LH%2FXsqP5jSppkaf1oOL6tP8D5"}]}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=f8e73af5-692a-4a2e-bb40-d5926831adcc
cf-ray: 645838839d8a2b16-FRA
content-length: 0
cf-request-id: 09ab01a64800002b16d93f5000000001

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4B45
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4372523012132661581

43 B
322 B

138ms
138ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4372523012132661581
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Aatf1XAu21ska4u2Eay0ozaWJeOkTRtVDFaMtPETuYgRdfOdhVgmSQscOSGxjEiPAyabGaw%2FiXplnpiJoxASidvMiLi%2B3dWdvbrSarDTd5ouOXAZvQHrkTYFY7JAlHM%3D"}]}
content-type: image/gif
cf-ray: 645838845f052b16-FRA
content-length: 43
cf-request-id: 09ab01a6b300002b1687929000000001

Redirect headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:57 GMT
X-Proxy-Origin: 196.247.180.156; 196.247.180.156; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.140:80
AN-X-Request-Uuid: 20e238a9-9773-43ee-a722-0a5d9efddba4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4372523012132661581
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 343F 43 B
555 B 1258ms
47ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Sun, 25 Apr 2021 14:21:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YIV7C; path=/; domain=.go.sonobi.com

GET d
ic.tynt.com/r/ Frame 01AC 0
0

GET
H/1.1

200
OK

Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 434A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

2 KB
3 KB

116ms
69ms

Document
text/html

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=1121; CMID=YIV7DeDwgsEJPi0FVcEIXAAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|45|230|241|73|90|130|31
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1749
Expires: Sun, 25 Apr 2021 14:22:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 25 Apr 2021 14:22:05 GMT
Connection: keep-alive
Set-Cookie: CMID=YIV7DeDwgsEJPi0FVcEIXAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 25 Apr 2022 14:22:05 GMT CMPS=1121;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 24 Jul 2021 14:22:05 GMT CMPRO=1168;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 24 Jul 2021 14:22:05 GMT CMST=YIV7DWCFew0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 26 Apr 2021 14:22:05 GMT CMRUM3=e660857b0d27600&1f60857b0d05a00&5a60857b0d05a0&f160857b0d05a0&4960857b0d05a00&2d60857b0d05a0&8260857b0da8c0&2760857b0d0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 25 Apr 2022 14:22:05 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sun, 25 Apr 2021 14:22:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 25 Apr 2021 14:22:05 GMT
Connection: keep-alive
Set-Cookie: CMID=YIV7DeDwgsEJPi0FVcEIXAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 25 Apr 2022 14:22:05 GMT CMPS=1121;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 24 Jul 2021 14:22:05 GMT

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5A80 8 KB
3 KB 47ms
46ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES; KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; chkChromeAb67Sec=1; DPSync3=1620518400%3A201_227_226_221; SyncRTB3=1621900800%3A203%7C1620518400%3A3_8_204_81_189_21_56_71_222_166_230_161_165_88_13_231_176_220_54_7_22_55_99%7C1619913600%3A67_2_223_15%7C1620172800%3A63%7C1620604800%3A35; KRTBCOOKIE_1101=23040-6955100460957169805; PugT=1619360517; PUBMDCID=3; KRTBCOOKIE_377=6810-52709101-6493-4390-8395-6b3dad330a0c&KRTB&22918-52709101-6493-4390-8395-6b3dad330a0c&KRTB&23031-52709101-6493-4390-8395-6b3dad330a0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=56131
Expires: Mon, 26 Apr 2021 05:57:28 GMT
Date: Sun, 25 Apr 2021 14:21:57 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E0B0 3 KB
1 KB 7416ms
69ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

bf47b6ee7e6a63f2c8a75194eadcd51d72f08f86a583c81445cb0f1bcd64b6aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie: OTP=rbw2f-3AJoqn9-8wHsySaXsl0-C7i78Hq7WbSSFB1FU; path=/; expires=Tue, 25 Apr 2023 14:22:05; domain=onetag-sys.com; SameSite=None; Secure
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

setuid
sync.quantumdex.io/ Frame FEAF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4372523012132661581

43 B
328 B

135ms
134ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4372523012132661581
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q455wa7NWuFjMH9DZZ6Q5XQJWISPZRHSUIv896or%2BptLOkskiGDo34c%2F5QXSRzFRSBfRBtObhNedh%2Fwucw7nxGoZWhOq30LR88qvFus0KqfSRO7%2FrG5ElqxxajxiqJU%3D"}]}
content-type: image/gif
cf-ray: 645838848f582b16-FRA
content-length: 43
cf-request-id: 09ab01a6d500002b16c11e2000000001

Redirect headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:57 GMT
X-Proxy-Origin: 196.247.180.156; 196.247.180.156; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.181:80
AN-X-Request-Uuid: 7cd6c4af-b9cd-42ae-9eab-857b2f8c6d81
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4372523012132661581
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame FEAF
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=b0c6ff2a89e53e574c62ba3f

43 B
325 B

145ms
145ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=b0c6ff2a89e53e574c62ba3f
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:58 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M9hz2RVBKqTMljBLRcihyQc8%2Fx3i3omHFMcj%2FVv4SYWYwDw2he72oIspy9MhdTBaDMoq%2B3DRVEGy2JDJ3QU58cA26yrlQ1FyQL00rUP6fAXWJkMp4FbyK1mSLAQoj6s%3D"}]}
content-type: image/gif
cf-ray: 645838877c382b16-FRA
content-length: 43
cf-request-id: 09ab01a8a700002b1698285000000001

Redirect headers

Date: Sun, 25 Apr 2021 14:21:58 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=b0c6ff2a89e53e574c62ba3f
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame FEAF
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=5dd0cd97-84ae-5273-93eb-ac5bf36ed75c

43 B
326 B

127ms
126ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=5dd0cd97-84ae-5273-93eb-ac5bf36ed75c
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:59 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OMTBoY1ZZjl4b2M1nvGWTH4wpk%2Bj%2FHjU2lHv%2F2m1sLNq%2Faifh0gpyurlBPwegH7Y3F6JtBdX2gXpbnYUWcmRyi5BO1eGeSO7lBpCc20fPkjmx%2Ff0STwN0WjJHFczt8c%3D"}]}
content-type: image/gif
cf-ray: 6458388cae472b16-FRA
content-length: 43
cf-request-id: 09ab01abee00002b16a9039000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=5dd0cd97-84ae-5273-93eb-ac5bf36ed75c
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame FEAF
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c1ed60fc-5166-485d-9f51-caf10924a631

43 B
346 B

127ms
126ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c1ed60fc-5166-485d-9f51-caf10924a631
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:58 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fXVsxVKqmhxnn1M2mZ%2BRW69xnl6fjXSG8pgFCN2M2it22tWEZPBUA8pz9HaZuEFk3aqhSqakCk5ckJzF9YgfOoFFx3wWMKO4YNvyu24Zm6XoKnzvGwWSXbwM3YHIX8k%3D"}]}
content-type: image/gif
cf-ray: 64583885184b2b16-FRA
content-length: 43
cf-request-id: 09ab01a72e00002b16c38c1000000001

Redirect headers

date: Sun, 25 Apr 2021 14:21:57 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZRlcs1lK15UcRThLx1TvI7CZVyJTS74GErBIWgYikA8iABADaHVz56EHz3K9DudCI6Rpt90WgNJoz6Uh1WbPlkd5kr0xdH%2BKA2o0B5OYTnbfWEzZfbzZ6SUBbQg4"}]}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c1ed60fc-5166-485d-9f51-caf10924a631
cf-ray: 645838839d8d2b16-FRA
content-length: 0
cf-request-id: 09ab01a64600002b169c2f0000000001

GET
H2

200

setuid
sync.quantumdex.io/ Frame FEAF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4372523012132661581

43 B
339 B

126ms
126ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4372523012132661581
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:57 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U3ZrhKX4ij3ZCefPmFbM3Ta1ucOTkIA6PHAvQcVNtuHPXl%2FFBTJgfi9rkkzfhmDf%2FUJWrgPqV1j3HB0snDiTvgHclKWKyuBt3MQJNhZ%2B%2B65SRp1zjM9pYwVMyFLe0x0%3D"}]}
content-type: image/gif
cf-ray: 645838849f802b16-FRA
content-length: 43
cf-request-id: 09ab01a6e400002b166b2d8000000001

Redirect headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:57 GMT
X-Proxy-Origin: 196.247.180.156; 196.247.180.156; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid: caf0859c-c952-4404-9b3f-aeb7eae569d5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4372523012132661581
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

sync
ups.analytics.yahoo.com/ups/58425/ Frame FEAF
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9c209138-a5d1-11eb-8f93-0282db67f25c

0
0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame FEAF 0
478 B 1447ms
46ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:59 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame FEAF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rPPZkL9E2uEkRU6P7kM63wuDNHjARV5dnfI7my0-~A

43 B
322 B

129ms
129ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rPPZkL9E2uEkRU6P7kM63wuDNHjARV5dnfI7my0-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:01 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9t7e6I4k7aYpmruTJGLZnWeV2EFglwPxnK3zXasKSMTYV98F7dgLdJEewbSv5mESVc6JBoYh2HLC4i0asJplaTC13GzlzWTUI1KYrPy3Y6Iw8N6XPzdwukoLIGJAYzU%3D"}]}
content-type: image/gif
cf-ray: 645838994d212b16-FRA
content-length: 43
cf-request-id: 09ab01b3d000002b16c5bf7000000001

Redirect headers

Date: Sun, 25 Apr 2021 14:22:01 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rPPZkL9E2uEkRU6P7kM63wuDNHjARV5dnfI7my0-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame FEAF
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1...
https://prebid.a-mo.net/cchain/0?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=4372523012132661581
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlc...
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlc...
https://prebid.a-mo.net/cchain/1?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=520878f1bb8ab3a6d6daabbc
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW...
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D55b0e06f-8320-4449-8f62-c63ee125d7c7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW...
https://prebid.a-mo.net/cchain/2?A=55b0e06f-8320-4449-8f62-c63ee125d7c7&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YIV7Bqj1vbMnkRWo6qyi7AAA%...
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=55b0e06f-8320-4449-8f62-c63ee125d7c7

43 B
328 B

125ms
125ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=55b0e06f-8320-4449-8f62-c63ee125d7c7
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:58 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C0UZka48ZqCWW2Stslgbf3%2BDAZCr%2BnihycDzc%2FV6dt9fKJWEeFPg2lqG1UgXz9ZtGT0N7vW4RA3SrthHoZ1SihoUo1VU600%2BPmf%2BBIBPIbm%2BXetpkjvJKPnrHqVow2g%3D"}]}
content-type: image/gif
cf-ray: 6458388aeaad2b16-FRA
content-length: 43
cf-request-id: 09ab01aace00002b166ea30000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=55b0e06f-8320-4449-8f62-c63ee125d7c7
date: Sun, 25 Apr 2021 14:21:58 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET d
ic.tynt.com/r/ Frame 6038 0
0

GET
H/1.1

200
OK

Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 12CC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

0
0

74ms
58ms

Document
text/html

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=1121; CMID=YIV7DYVMDMWbT5NOwFT7vgAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|45|39|188|47|90|40
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1754
Expires: Sun, 25 Apr 2021 14:22:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 25 Apr 2021 14:22:05 GMT
Connection: keep-alive
Set-Cookie: CMID=YIV7DYVMDMWbT5NOwFT7vgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 25 Apr 2022 14:22:05 GMT CMPS=1121;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 24 Jul 2021 14:22:05 GMT CMPRO=1151;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 24 Jul 2021 14:22:05 GMT CMRUM3=e660857b0d27600&bc60857b0d05a00&5a60857b0d05a0&2d60857b0d05a0&f160857b0d05a0&2860857b0d05a00&2760857b0d0b40&2f60857b0d05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 25 Apr 2022 14:22:05 GMT CMST=YIV7DWCFew0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 26 Apr 2021 14:22:05 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sun, 25 Apr 2021 14:22:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 25 Apr 2021 14:22:05 GMT
Connection: keep-alive
Set-Cookie: CMID=YIV7DYVMDMWbT5NOwFT7vgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 25 Apr 2022 14:22:05 GMT CMPS=1121;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 24 Jul 2021 14:22:05 GMT

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9957 8 KB
3 KB 92ms
48ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES; KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; chkChromeAb67Sec=1; DPSync3=1620518400%3A201_227_226_221; SyncRTB3=1621900800%3A203%7C1620518400%3A3_8_204_81_189_21_56_71_222_166_230_161_165_88_13_231_176_220_54_7_22_55_99%7C1619913600%3A67_2_223_15%7C1620172800%3A63%7C1620604800%3A35; KRTBCOOKIE_1101=23040-6955100460957169805; PugT=1619360517; PUBMDCID=3; KRTBCOOKIE_377=6810-52709101-6493-4390-8395-6b3dad330a0c&KRTB&22918-52709101-6493-4390-8395-6b3dad330a0c&KRTB&23031-52709101-6493-4390-8395-6b3dad330a0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=56131
Expires: Mon, 26 Apr 2021 05:57:28 GMT
Date: Sun, 25 Apr 2021 14:21:57 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 6DD8 3 KB
1 KB 7415ms
71ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

c95370ab3a2db19ead654176526fb509515ef37165639ac240d05b4daa19d7a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie: OTP=vtQ7IXEX4rpKXGLmmAX4RWDfT24GNdqLDOblz0CuLfc; path=/; expires=Tue, 25 Apr 2023 14:22:05; domain=onetag-sys.com; SameSite=None; Secure
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 7660 43 B
555 B 1297ms
48ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Sun, 25 Apr 2021 14:21:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YIV7C; path=/; domain=.go.sonobi.com

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0FFA 38 KB
14 KB 71ms
70ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES; KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; chkChromeAb67Sec=1; DPSync3=1620518400%3A201_227_226_221; SyncRTB3=1621900800%3A203%7C1620518400%3A3_8_204_81_189_21_56_71_222_166_230_161_165_88_13_231_176_220_54_7_22_55_99%7C1619913600%3A67_2_223_15%7C1620172800%3A63%7C1620604800%3A35; KRTBCOOKIE_1101=23040-6955100460957169805; PugT=1619360517; PUBMDCID=3; KRTBCOOKIE_377=6810-52709101-6493-4390-8395-6b3dad330a0c&KRTB&22918-52709101-6493-4390-8395-6b3dad330a0c&KRTB&23031-52709101-6493-4390-8395-6b3dad330a0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137159
Expires: Tue, 27 Apr 2021 04:27:56 GMT
Date: Sun, 25 Apr 2021 14:21:57 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame F99A 38 KB
14 KB 84ms
53ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES; KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; chkChromeAb67Sec=1; DPSync3=1620518400%3A201_227_226_221; SyncRTB3=1621900800%3A203%7C1620518400%3A3_8_204_81_189_21_56_71_222_166_230_161_165_88_13_231_176_220_54_7_22_55_99%7C1619913600%3A67_2_223_15%7C1620172800%3A63%7C1620604800%3A35; KRTBCOOKIE_1101=23040-6955100460957169805; PugT=1619360517; PUBMDCID=3; KRTBCOOKIE_377=6810-52709101-6493-4390-8395-6b3dad330a0c&KRTB&22918-52709101-6493-4390-8395-6b3dad330a0c&KRTB&23031-52709101-6493-4390-8395-6b3dad330a0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137159
Expires: Tue, 27 Apr 2021 04:27:56 GMT
Date: Sun, 25 Apr 2021 14:21:57 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 008A 38 KB
14 KB 80ms
53ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES; KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; chkChromeAb67Sec=1; DPSync3=1620518400%3A201_227_226_221; SyncRTB3=1621900800%3A203%7C1620518400%3A3_8_204_81_189_21_56_71_222_166_230_161_165_88_13_231_176_220_54_7_22_55_99%7C1619913600%3A67_2_223_15%7C1620172800%3A63%7C1620604800%3A35; KRTBCOOKIE_1101=23040-6955100460957169805; PugT=1619360517; PUBMDCID=3; KRTBCOOKIE_377=6810-52709101-6493-4390-8395-6b3dad330a0c&KRTB&22918-52709101-6493-4390-8395-6b3dad330a0c&KRTB&23031-52709101-6493-4390-8395-6b3dad330a0c; KRTBCOOKIE_409=22966-GNGLaQ9Bjpt9bqeCQaVOWs3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137159
Expires: Tue, 27 Apr 2021 04:27:56 GMT
Date: Sun, 25 Apr 2021 14:21:57 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame A5E6 0
587 B 384ms
48ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155495&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Sun, 25 Apr 2021 14:21:58 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 4E5F 0
0 93ms
93ms Image
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4E5F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40...
https://mwzeom.zeotap.com/mw?google_gid=CAESEJsMOJXGiFyp5RHMSVRNTXM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a41...

95 B
301 B

41ms
40ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEJsMOJXGiFyp5RHMSVRNTXM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64583890fcc84a67-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ab01ae9e00004a674f3e0000000001

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEJsMOJXGiFyp5RHMSVRNTXM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4E5F
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=990101a1-a5d1-11eb-8bc2-8ec3c4e339da&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672...

95 B
179 B

28ms
27ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=990101a1-a5d1-11eb-8bc2-8ec3c4e339da&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64583891ae324a67-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ab01af0700004a676788a000000001

Redirect headers

date: Sun, 25 Apr 2021 14:21:59 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=990101a1-a5d1-11eb-8bc2-8ec3c4e339da&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
alt-svc: clear
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 4E5F 0
331 B 139ms
44ms Image
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:59 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4E5F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D45bc044f-7254-4c4c-5294-d0f744d04a72%26reqId%3De...
https://mwzeom.zeotap.com/mw?cid=52709101-6493-4390-8395-6b3dad330a0c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672...

95 B
178 B

38ms
38ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=52709101-6493-4390-8395-6b3dad330a0c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 645838911d0c4a67-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ab01aeaf00004a67411d1000000001

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=52709101-6493-4390-8395-6b3dad330a0c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 4E5F 0
162 B 148ms
53ms Image
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 25 Apr 2021 14:21:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619360520.903197,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11547-HHN

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 4E5F 0
361 B 148ms
46ms Image
text/html 154.57.158.50
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.57.158.50 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:21:59 GMT
Cache-Control: no-store
Expires: 0
Content-Type: text/html
Content-Length: 0
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"

GET
H/1.1 200
OK UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4E5F 0
240 B 50ms
46ms Image
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D45bc044f-7254-4c4c-5294-d0f744d04a72%26reqId%3De79a4176-a9ec-4672-40d5-82edb2bfd25a%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:21:59 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4E5F
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=136...
https://mwzeom.zeotap.com/mw?cid=df0d52c0-3a2e-48b6-9b88-c28664b9463f&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
179 B

66ms
66ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=df0d52c0-3a2e-48b6-9b88-c28664b9463f&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 645838917de14a67-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ab01aeeb00004a67be945000000001

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:59 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=df0d52c0-3a2e-48b6-9b88-c28664b9463f&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4E5F
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=45bc044f-7254-4c4c-5294-d0f744d04a72&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=45bc044f-7254-4c4c-5294-d0f744d04a72&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=02210918427681294150257057113489100659&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-...

95 B
179 B

36ms
35ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=02210918427681294150257057113489100659&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64583893297d4a67-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ab01affe00004a679f903000000001

Redirect headers

DCS: dcs-prod-irl1-1-v005-0daa7241f.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 9uZXHv0lQMo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=02210918427681294150257057113489100659&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 4E5F 0
324 B 199ms
64ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4E5F
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=45bc044f-7254-4c4c-5294-d0f744d04a72&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-...
https://mwzeom.zeotap.com/mw?cid=BE1-2021042516-65151-0.602151001619360523-324cb02d343f1401dc5d60fc55cb9656&zdid=533&env=mWeb

95 B
323 B

23ms
23ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2021042516-65151-0.602151001619360523-324cb02d343f1401dc5d60fc55cb9656&zdid=533&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 645838a55e464a67-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ab01bb5200004a676230f000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2021042516-65151-0.602151001619360523-324cb02d343f1401dc5d60fc55cb9656&zdid=533&env=mWeb
Date: Sun, 25 Apr 2021 14:22:03 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4E5F
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=6955100460957169805&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-...

95 B
179 B

51ms
51ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6955100460957169805&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 645838914d9e4a67-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ab01aed100004a6770097000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=6955100460957169805&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Date: Sun, 25 Apr 2021 14:21:59 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 4E5F
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=45bc044f-7254-4c4c-5294-d0f744d04a72
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=45bc044f-7254-4c4c-5294-d0f744d04a72

95 B
427 B

48ms
48ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=45bc044f-7254-4c4c-5294-d0f744d04a72

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:59 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Sun, 25 Apr 2021 14:21:59 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=45bc044f-7254-4c4c-5294-d0f744d04a72
alt-svc: clear
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4E5F
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=45bc044f-7254-4c4c-5294-d0f744d04a72&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=45bc044f-7254-4c4c-5294-d0f744d04a72&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=0oN2KgG5KFxKoQmjdQKagu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-46...

95 B
306 B

28ms
28ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=0oN2KgG5KFxKoQmjdQKagu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 645838923f8e4a67-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ab01af6300004a6747b1e000000001

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:22:00 GMT
via: 1.1 google
last-modified: Sun, 25 Apr 2021 14:22:00 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=0oN2KgG5KFxKoQmjdQKagu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame 4E5F 36 B
378 B 245ms
74ms Image
image/gif 89.163.159.109
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=45bc044f-7254-4c4c-5294-d0f744d04a72&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.163.159.109 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:22:00 GMT
server: nginx
p3p: CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 36
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4E5F
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=45bc044f-7254-4c4c-5294-d0f744d04a72?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=45bc044f-7254-4c4c-5294-d0f744d04a72?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=d2757c9d68cca4a701f1f9283b57c33a&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9...

95 B
283 B

36ms
36ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=d2757c9d68cca4a701f1f9283b57c33a&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6458389e38284a67-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ab01b6e900004a67a0391000000001

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:22:01 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=d2757c9d68cca4a701f1f9283b57c33a&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
cache-control: no-cache
x-server: 10.45.21.98
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4E5F
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-bOOT1J9E2opoTOiyFeh3shn6PbBbhz8otA--~A&zpartnerid=570&env=mWeb

95 B
386 B

22ms
22ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-bOOT1J9E2opoTOiyFeh3shn6PbBbhz8otA--~A&zpartnerid=570&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6458389f5a914a67-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ab01b79600004a6770156000000001

Redirect headers

date: Sun, 25 Apr 2021 14:22:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-bOOT1J9E2opoTOiyFeh3shn6PbBbhz8otA--~A&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4E5F
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=YtLEkm4VeI6TfzIBcgkqhc%2B7VKb%2BwuNq%2BS41iYitP1U%3D

95 B
179 B

36ms
36ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=YtLEkm4VeI6TfzIBcgkqhc%2B7VKb%2BwuNq%2BS41iYitP1U%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 645838a5cf324a67-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ab01bba000004a67a4323000000001

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:22:03 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=YtLEkm4VeI6TfzIBcgkqhc%2B7VKb%2BwuNq%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 4E5F 43 B
324 B 871ms
53ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=45bc044f-7254-4c4c-5294-d0f744d04a72&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:22:00 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 4E5F 0
336 B 903ms
68ms Image
text/plain 54.170.10.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.10.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:00 GMT
cache-control: private, no-cache, no-store
x-request-time: D=188 t=1619360520
x-served-by: beacon-n007-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 4E5F 95 B
358 B 390ms
96ms Image
image/png 168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=45bc044f-7254-4c4c-5294-d0f744d04a72&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:00 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4E5F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YIV7BgAAcHNz9AAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82e...

95 B
179 B

76ms
76ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YIV7BgAAcHNz9AAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:21:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 645838918e004a67-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ab01aef600004a675526b000000001

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:21:59 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1619360520.812367,VS0,VE89
x-served-by: cache-hhn4064-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YIV7BgAAcHNz9AAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 4E5F
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=502b6085-7b08-4e00-b7a3-6ea69b0f8b12&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a417...

95 B
316 B

1037ms
1037ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=502b6085-7b08-4e00-b7a3-6ea69b0f8b12&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64583896f94b4a67-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09ab01b25600004a678ea3d000000001

Redirect headers

Date: Sun, 25 Apr 2021 14:22:00 GMT
Server: MT3 3660 495c301 master zrh-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=502b6085-7b08-4e00-b7a3-6ea69b0f8b12&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Sun, 25 Apr 2021 14:21:53 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 4E5F
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bf...

0
337 B

223ms
68ms

Image
text/plain

54.170.10.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.10.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:00 GMT
cache-control: private, no-cache, no-store
x-request-time: D=43 t=1619360520
x-served-by: beacon-n015-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
date: Sun, 25 Apr 2021 14:22:00 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a013-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 4E5F
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=45bc044f-7254-4c4c-5294-d0f744d04a72&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-529...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=45bc044f-7254-4c4c-5294-d0f744d04a72&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-529...

43 B
433 B

102ms
101ms

Image
image/gif

52.95.123.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=45bc044f-7254-4c4c-5294-d0f744d04a72&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361&dcc=t
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:22:00 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:22:00 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=45bc044f-7254-4c4c-5294-d0f744d04a72&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 87734
tags.bluekai.com/site/ Frame 4E5F 62 B
425 B 298ms
188ms Image
image/gif 23.38.51.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=45bc044f-7254-4c4c-5294-d0f744d04a72&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.51.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-51-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 14:22:00 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 23e7
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 4E5F 0
38 B 3238ms
88ms Image
text/plain 52.213.157.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D45bc044f-7254-4c4c-5294-d0f744d04a72%26reqId%3De79a4176-a9ec-4672-40d5-82edb2bfd25a%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.157.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:03 GMT
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 4E5F 557 B
580 B 42ms
42ms Script
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c962b97ff3f76f0ba20183aa657833fb1e7f155ca5e087bccfdc29ec8a79b7e

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 645838963fc64a67-FRA
date: Sun, 25 Apr 2021 14:22:00 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 09ab01b1e400004a67b98c6000000001

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame A060 38 KB
14 KB 114ms
113ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; chkChromeAb67Sec=1; DPSync3=1620518400%3A201_227_226_221; SyncRTB3=1621900800%3A203%7C1620518400%3A3_8_204_81_189_21_56_71_222_166_230_161_165_88_13_231_176_220_54_7_22_55_99%7C1619913600%3A67_2_223_15%7C1620172800%3A63%7C1620604800%3A35; KRTBCOOKIE_1101=23040-6955100460957169805; PUBMDCID=3; KRTBCOOKIE_377=6810-52709101-6493-4390-8395-6b3dad330a0c&KRTB&22918-52709101-6493-4390-8395-6b3dad330a0c&KRTB&23031-52709101-6493-4390-8395-6b3dad330a0c; KRTBCOOKIE_409=22966-GNGLaQ9Bjpt9bqeCQaVOWs3d; KRTBCOOKIE_80=16514-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&22987-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&23025-CAESEEboTP4qheG0fa8Sc3cNjKI; KRTBCOOKIE_57=22776-4372523012132661581; KRTBCOOKIE_153=1923-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&19420-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&22979-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD; KRTBCOOKIE_22=14911-3390226349094122265; KRTBCOOKIE_1074=22956-e_18fef936-3833-4b35-b9b4-775525238483; KRTBCOOKIE_594=17105-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003&KRTB&17107-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003; KRTBCOOKIE_218=22978-YIV7BgAAcHNz9AAC&KRTB&23194-YIV7BgAAcHNz9AAC&KRTB&23209-YIV7BgAAcHNz9AAC&KRTB&23244-YIV7BgAAcHNz9AAC; PugT=1619360519; SPugT=1619360518; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137156
Expires: Tue, 27 Apr 2021 04:27:56 GMT
Date: Sun, 25 Apr 2021 14:22:00 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A060 3 KB
4 KB 319ms
319ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38486103&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f0186aef3c5100eeddf146efb954ca69a7fb6814dbf27b59c902da9aa6727323

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:21:59 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 1630
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16

35 B
468 B

45ms
45ms

Document
image/gif

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38486103&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sun, 25 Apr 2021 14:22:01 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=4179401705899950749; expires=Thu, 24 Jun 2021 14:22:01 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Sun, 25 Apr 2021 14:22:01 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Tue, 25 May 2021 14:22:01 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame B358
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-56TZ6H3RQNGxV-tTpFRRsT3tJw

42 B
778 B

53ms
53ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-56TZ6H3RQNGxV-tTpFRRsT3tJw
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38486103&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; KRTBCOOKIE_1101=23040-6955100460957169805; PUBMDCID=3; KRTBCOOKIE_377=6810-52709101-6493-4390-8395-6b3dad330a0c&KRTB&22918-52709101-6493-4390-8395-6b3dad330a0c&KRTB&23031-52709101-6493-4390-8395-6b3dad330a0c; KRTBCOOKIE_409=22966-GNGLaQ9Bjpt9bqeCQaVOWs3d; KRTBCOOKIE_80=16514-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&22987-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&23025-CAESEEboTP4qheG0fa8Sc3cNjKI; KRTBCOOKIE_57=22776-4372523012132661581; KRTBCOOKIE_153=1923-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&19420-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&22979-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD; KRTBCOOKIE_22=14911-3390226349094122265; KRTBCOOKIE_1074=22956-e_18fef936-3833-4b35-b9b4-775525238483; KRTBCOOKIE_594=17105-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003&KRTB&17107-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003; KRTBCOOKIE_218=22978-YIV7BgAAcHNz9AAC&KRTB&23194-YIV7BgAAcHNz9AAC&KRTB&23209-YIV7BgAAcHNz9AAC&KRTB&23244-YIV7BgAAcHNz9AAC; chkChromeAb67Sec=2; DPSync3=1620518400%3A201_227_226_221_219_197_232%7C1619395200%3A174; SyncRTB3=1621900800%3A203%7C1624492800%3A69%7C1620604800%3A35%7C1620518400%3A7_5_57_13_233_189_81_161_165_220_104_8_231_222_176_54_204_56_71_22_55_78_21_166_230_88_99_3%7C1619913600%3A15_67_223_2%7C1620172800%3A63; KRTBCOOKIE_188=3189-no-consent; PugT=1619360521; KRTBCOOKIE_107=1471-uid:3VLetYe51LAFE45; SPugT=1619360521; KRTBCOOKIE_391=22924-5912255990128083827&KRTB&23263-5912255990128083827; KRTBCOOKIE_27=16735-uid:2b916085-7b09-4f00-8718-f43fb5875f90&KRTB&16736-uid:2b916085-7b09-4f00-8718-f43fb5875f90&KRTB&23019-uid:2b916085-7b09-4f00-8718-f43fb5875f90&KRTB&23114-uid:2b916085-7b09-4f00-8718-f43fb5875f90
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 25 Apr 2021 14:22:02 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_860=16335--56TZ6H3RQNGxV-tTpFRRsT3tJw; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 24-Jul-2021 14:22:02 GMT; path=/ PugT=1619360522; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 25-May-2021 14:22:02 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 24-Jul-2021 14:22:02 GMT; path=/
X-lat: lhrpug002:0:808
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Sun, 25 Apr 2021 14:22:01 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-56TZ6H3RQNGxV-tTpFRRsT3tJw
Set-Cookie: sa-user-id=s%3A0-fb9e9367-a1f7-4503-46c5-5fad4e915146.%2B74iyQh4IqcJujcJPentek8%2BfdmKo%2FDL9djHNy1Wslk; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-fb9e9367-a1f7-4503-46c5-5fad4e915146%24ip%24196.247.180.156.UfuHg50mf3eJPk4oIoL1vC6QbiZzdeJhjMvgC2EAsWg; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 159
Connection: keep-alive

GET
H2

200

receive Show response
pixel.tapad.com/idsync/ex/ Frame 993A
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB

95 B
154 B

221ms
221ms

Document
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.tapad.com
:scheme: https
:path: /idsync/ex/receive?partner_id=PUBMATIC_RTB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_3WAY_SYNCS=; TapAd_TS=1619360519900; TapAd_DID=990631c0-a5d1-11eb-8bc2-8ec3c4e339da
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sun, 25 Apr 2021 14:22:00 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

Redirect headers

Server: nginx
Date: Sun, 25 Apr 2021 14:22:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 24-Jul-2021 14:22:00 GMT; path=/
X-lat: lhrpug020:0:455
Location: https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3078
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3VLetYe51LAFE45&gdpr=0&gdpr_consent=

42 B
769 B

275ms
275ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3VLetYe51LAFE45&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38486103&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; KRTBCOOKIE_1101=23040-6955100460957169805; PUBMDCID=3; KRTBCOOKIE_377=6810-52709101-6493-4390-8395-6b3dad330a0c&KRTB&22918-52709101-6493-4390-8395-6b3dad330a0c&KRTB&23031-52709101-6493-4390-8395-6b3dad330a0c; KRTBCOOKIE_409=22966-GNGLaQ9Bjpt9bqeCQaVOWs3d; KRTBCOOKIE_80=16514-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&22987-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&23025-CAESEEboTP4qheG0fa8Sc3cNjKI; KRTBCOOKIE_57=22776-4372523012132661581; KRTBCOOKIE_153=1923-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&19420-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&22979-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD; KRTBCOOKIE_22=14911-3390226349094122265; KRTBCOOKIE_1074=22956-e_18fef936-3833-4b35-b9b4-775525238483; KRTBCOOKIE_594=17105-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003&KRTB&17107-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003; KRTBCOOKIE_218=22978-YIV7BgAAcHNz9AAC&KRTB&23194-YIV7BgAAcHNz9AAC&KRTB&23209-YIV7BgAAcHNz9AAC&KRTB&23244-YIV7BgAAcHNz9AAC; PugT=1619360519; SPugT=1619360518; chkChromeAb67Sec=2; DPSync3=1620518400%3A201_227_226_221_219_197_232%7C1619395200%3A174; SyncRTB3=1621900800%3A203%7C1624492800%3A69%7C1620604800%3A35%7C1620518400%3A7_5_57_13_233_189_81_161_165_220_104_8_231_222_176_54_204_56_71_22_55_78_21_166_230_88_99_3%7C1619913600%3A15_67_223_2%7C1620172800%3A63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 25 Apr 2021 14:22:01 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_107=1471-uid:3VLetYe51LAFE45; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 24-Jul-2021 14:22:01 GMT; path=/ PugT=1619360521; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 25-May-2021 14:22:01 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 24-Jul-2021 14:22:01 GMT; path=/
X-lat: lhrpug011:0:563
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Sun, 25 Apr 2021 14:22:00 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3VLetYe51LAFE45&gdpr=0&gdpr_consent=
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma: no-cache
Server: PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-080424a23a22eec76@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=3VLetYe51LAFE45; Domain=.w55c.net; Expires=Wed, 25-May-2022 14:22:01 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Tue, 25-May-2021 14:22:01 GMT; Path=/; SameSite=None; Secure
Content-Length: 0
Connection: keep-alive

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 416A
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:6DC5F8D058A64A0880B3188AA8D0B038

1 B
463 B

56ms
56ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:6DC5F8D058A64A0880B3188AA8D0B038
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38486103&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; KRTBCOOKIE_1101=23040-6955100460957169805; PUBMDCID=3; KRTBCOOKIE_377=6810-52709101-6493-4390-8395-6b3dad330a0c&KRTB&22918-52709101-6493-4390-8395-6b3dad330a0c&KRTB&23031-52709101-6493-4390-8395-6b3dad330a0c; KRTBCOOKIE_409=22966-GNGLaQ9Bjpt9bqeCQaVOWs3d; KRTBCOOKIE_80=16514-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&22987-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&23025-CAESEEboTP4qheG0fa8Sc3cNjKI; KRTBCOOKIE_57=22776-4372523012132661581; KRTBCOOKIE_153=1923-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&19420-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&22979-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD; KRTBCOOKIE_22=14911-3390226349094122265; KRTBCOOKIE_1074=22956-e_18fef936-3833-4b35-b9b4-775525238483; KRTBCOOKIE_594=17105-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003&KRTB&17107-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003; KRTBCOOKIE_218=22978-YIV7BgAAcHNz9AAC&KRTB&23194-YIV7BgAAcHNz9AAC&KRTB&23209-YIV7BgAAcHNz9AAC&KRTB&23244-YIV7BgAAcHNz9AAC; PugT=1619360519; SPugT=1619360518; chkChromeAb67Sec=2; DPSync3=1620518400%3A201_227_226_221_219_197_232%7C1619395200%3A174; SyncRTB3=1621900800%3A203%7C1624492800%3A69%7C1620604800%3A35%7C1620518400%3A7_5_57_13_233_189_81_161_165_220_104_8_231_222_176_54_204_56_71_22_55_78_21_166_230_88_99_3%7C1619913600%3A15_67_223_2%7C1620172800%3A63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 25 Apr 2021 14:22:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 24-Jul-2021 14:22:00 GMT; path=/
X-lat: lhrpug005:0:469
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: nginx
date: Sun, 25 Apr 2021 14:22:00 GMT
content-type: text/html
content-length: 154
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:6DC5F8D058A64A0880B3188AA8D0B038
expires: Sat, 24 Apr 2021 14:22:00 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK usersync Show response
match.bnmla.com/ Frame 44C6 0
114 B 1437ms
147ms Document
text/plain 38.27.122.158
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38486103&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.158 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: match.bnmla.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 25 Apr 2021 14:22:01 GMT
Content-Length: 0
Connection: keep-alive

GET

mw
mwzeom.zeotap.com/ Frame A060
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=d2757c9d68cca4a701f1f9283b57c33a
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=52709101-6493-4390-8395-6b3dad330a0c&icm
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=52709101-6493-4390-8395-6b3dad330a0c&icm
https://spl.zeotap.com/?zdid=1332&zcluid=7eac6de886a35046
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6c0e4a86-e49b-40d8-768b-9a0aa9e13696&reqId=2dcab0ca-e21a-4444-44e9-112a753f6946&zclui...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6c0e4a86-e49b-40d8-768b-9a0aa9e13696&reqId=2dcab0ca-e21a-4444-44e9-112a753f6946&zclu...
https://mwzeom.zeotap.com/mw?google_gid=CAESEOdbN1_EUQIXukvMkM8H4-Y&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6c0e4a86-e49b-40d8-768b-9a0aa9e13696&reqId=2dcab0ca-e21a-4444-44e9-112...

0
0

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame A060
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=59c46085-7b09-4b00-aab7-35061a747675

0
587 B

49ms
48ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=59c46085-7b09-4b00-aab7-35061a747675
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Sun, 25 Apr 2021 14:22:01 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Sun, 25 Apr 2021 14:22:01 GMT
Server: MT3 3660 495c301 master zrh-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=59c46085-7b09-4b00-aab7-35061a747675
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 25 Apr 2021 14:22:00 GMT

GET
H2

204

/
loadm.exelator.com/load/ Frame A060
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=71&buid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&gdpr=0&gdpr_consent=&j=0
https://loadm.exelator.com/load/?p=204&g=71&buid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1

0
2 KB

55ms
55ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=71&buid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:01 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sun, 25 Apr 2021 14:22:01 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=71&buid=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame A060
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9a45901b-a5d1-11eb-915a-a346d8a61158&gdpr=0&gdpr_consent=

1 B
793 B

53ms
52ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9a45901b-a5d1-11eb-915a-a346d8a61158&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:22:02 GMT
X-lat: lhrpug007:0:631
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9a45901b-a5d1-11eb-915a-a346d8a61158&gdpr=0&gdpr_consent=
Date: Sun, 25 Apr 2021 14:22:01 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 9a45901c-a5d1-11eb-915a-a346d8a61158

GET
H2 204 cmp
spl.zeotap.com/ Frame 4E5F 0
0 34ms
34ms Document
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=45bc044f-7254-4c4c-5294-d0f744d04a72&reqId=e79a4176-a9ec-4672-40d5-82edb2bfd25a&zdid=1361&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=45bc044f-7254-4c4c-5294-d0f744d04a72; zsc=b%94t%8F%F4%E5%0E%26H%25%CD%810H%DAH%1Ed%C5%17%95%D2%EAU%B9r%7C%F18E%FC%E9S%81%BB%3Az%3B%9Dk.%21%2C%AD%D3%8A%01%FD%BD%B3s%8E%86%DE%E0%BA%8D%14%ED%01%BCB_%15%08_%12%DB%C6%5B%FF%D8%8Cb%5C%AA%7B%5E%90S%FB%DCOM%DC%F9%E7%08%8E%2B%5B%D6%3B%DB%03s%85%C3%9E%16%28%F8I%3F%04%9D%B8%C4+%B5%84%3C%87%23b%8A%DFB%AD%F6u%9A%0F%C7+%EF%1A%8A%BApQ%AC%8C%D3%A4%3Du%22%EE%C8%96%0F%B1x%84B%DDKv%5BH%DC%C6%261%97%2C%E8%AA%C6%7B%EC%96%FD%A4g%E5%DB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Sun, 25 Apr 2021 14:22:00 GMT
set-cookie: __cfduid=d3a16f3d32a66a4d658584d00cfb58e0f1619360520; expires=Tue, 25-May-21 14:22:00 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 09ab01b22000004a673cbfc000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6458389698a14a67-FRA

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0FFA 38 KB
14 KB 54ms
54ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; KRTBCOOKIE_1101=23040-6955100460957169805; PUBMDCID=3; KRTBCOOKIE_377=6810-52709101-6493-4390-8395-6b3dad330a0c&KRTB&22918-52709101-6493-4390-8395-6b3dad330a0c&KRTB&23031-52709101-6493-4390-8395-6b3dad330a0c; KRTBCOOKIE_409=22966-GNGLaQ9Bjpt9bqeCQaVOWs3d; KRTBCOOKIE_80=16514-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&22987-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&23025-CAESEEboTP4qheG0fa8Sc3cNjKI; KRTBCOOKIE_57=22776-4372523012132661581; KRTBCOOKIE_153=1923-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&19420-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&22979-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD; KRTBCOOKIE_22=14911-3390226349094122265; KRTBCOOKIE_1074=22956-e_18fef936-3833-4b35-b9b4-775525238483; KRTBCOOKIE_594=17105-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003&KRTB&17107-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003; KRTBCOOKIE_218=22978-YIV7BgAAcHNz9AAC&KRTB&23194-YIV7BgAAcHNz9AAC&KRTB&23209-YIV7BgAAcHNz9AAC&KRTB&23244-YIV7BgAAcHNz9AAC; PugT=1619360519; SPugT=1619360518; repi=1; chkChromeAb67Sec=2; DPSync3=1620518400%3A201_227_226_221_219_197_232%7C1619395200%3A174; SyncRTB3=1621900800%3A203%7C1624492800%3A69%7C1620604800%3A35%7C1620518400%3A7_5_57_13_233_189_81_161_165_220_104_8_231_222_176_54_204_56_71_22_55_78_21_166_230_88_99_3%7C1619913600%3A15_67_223_2%7C1620172800%3A63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137156
Expires: Tue, 27 Apr 2021 04:27:56 GMT
Date: Sun, 25 Apr 2021 14:22:00 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame F99A 38 KB
14 KB 220ms
220ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; KRTBCOOKIE_1101=23040-6955100460957169805; PUBMDCID=3; KRTBCOOKIE_377=6810-52709101-6493-4390-8395-6b3dad330a0c&KRTB&22918-52709101-6493-4390-8395-6b3dad330a0c&KRTB&23031-52709101-6493-4390-8395-6b3dad330a0c; KRTBCOOKIE_409=22966-GNGLaQ9Bjpt9bqeCQaVOWs3d; KRTBCOOKIE_80=16514-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&22987-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&23025-CAESEEboTP4qheG0fa8Sc3cNjKI; KRTBCOOKIE_57=22776-4372523012132661581; KRTBCOOKIE_153=1923-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&19420-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&22979-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD; KRTBCOOKIE_22=14911-3390226349094122265; KRTBCOOKIE_1074=22956-e_18fef936-3833-4b35-b9b4-775525238483; KRTBCOOKIE_594=17105-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003&KRTB&17107-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003; KRTBCOOKIE_218=22978-YIV7BgAAcHNz9AAC&KRTB&23194-YIV7BgAAcHNz9AAC&KRTB&23209-YIV7BgAAcHNz9AAC&KRTB&23244-YIV7BgAAcHNz9AAC; PugT=1619360519; SPugT=1619360518; repi=1; chkChromeAb67Sec=2; DPSync3=1620518400%3A201_227_226_221_219_197_232%7C1619395200%3A174; SyncRTB3=1621900800%3A203%7C1624492800%3A69%7C1620604800%3A35%7C1620518400%3A7_5_57_13_233_189_81_161_165_220_104_8_231_222_176_54_204_56_71_22_55_78_21_166_230_88_99_3%7C1619913600%3A15_67_223_2%7C1620172800%3A63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137156
Expires: Tue, 27 Apr 2021 04:27:56 GMT
Date: Sun, 25 Apr 2021 14:22:00 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 008A 38 KB
14 KB 73ms
64ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=957CEE89-7402-4C8C-81A6-A6A3F0BC8D16; KRTBCOOKIE_1101=23040-6955100460957169805; PUBMDCID=3; KRTBCOOKIE_377=6810-52709101-6493-4390-8395-6b3dad330a0c&KRTB&22918-52709101-6493-4390-8395-6b3dad330a0c&KRTB&23031-52709101-6493-4390-8395-6b3dad330a0c; KRTBCOOKIE_409=22966-GNGLaQ9Bjpt9bqeCQaVOWs3d; KRTBCOOKIE_80=16514-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&22987-CAESEEboTP4qheG0fa8Sc3cNjKI&KRTB&23025-CAESEEboTP4qheG0fa8Sc3cNjKI; KRTBCOOKIE_57=22776-4372523012132661581; KRTBCOOKIE_153=1923-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&19420-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD&KRTB&22979-MHgBGDEqCRgrKglOYiwUTDFxW0srLABJPnkmBIYD; KRTBCOOKIE_22=14911-3390226349094122265; KRTBCOOKIE_1074=22956-e_18fef936-3833-4b35-b9b4-775525238483; KRTBCOOKIE_594=17105-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003&KRTB&17107-RX-d7a32aa3-b3a4-4565-8cc1-5046636bace1-003; KRTBCOOKIE_218=22978-YIV7BgAAcHNz9AAC&KRTB&23194-YIV7BgAAcHNz9AAC&KRTB&23209-YIV7BgAAcHNz9AAC&KRTB&23244-YIV7BgAAcHNz9AAC; PugT=1619360519; SPugT=1619360518; repi=1; chkChromeAb67Sec=2; DPSync3=1620518400%3A201_227_226_221_219_197_232%7C1619395200%3A174; SyncRTB3=1621900800%3A203%7C1624492800%3A69%7C1620604800%3A35%7C1620518400%3A7_5_57_13_233_189_81_161_165_220_104_8_231_222_176_54_204_56_71_22_55_78_21_166_230_88_99_3%7C1619913600%3A15_67_223_2%7C1620172800%3A63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=137156
Expires: Tue, 27 Apr 2021 04:27:56 GMT
Date: Sun, 25 Apr 2021 14:22:00 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0FFA 0
75 B 57ms
57ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=38250544&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 14:22:00 GMT
Content-Length: 0

GET

4d206085-7b0c-4300-8bc8-dd8e86162f19
onetag-sys.com/sync/i,1/ Frame 68AD
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D
https://onetag-sys.com/sync/i,1/4d206085-7b0c-4300-8bc8-dd8e86162f19

0
0

GET sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 68AD 0
0

GET

1188005195239092607
onetag-sys.com/sync/i,34/ Frame 68AD
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1167&cid=i9KCB6hRXXb4rOyqXt2TzHG2hYasErm358074HctqAI
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=i9KCB6hRXXb4rOyqXt2TzHG2hYasErm358074HctqAI
https://onetag-sys.com/sync/i,34/1188005195239092607

0
0

GET
H2

204

/
onetag-sys.com/sync/i,19/ Frame 68AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1
https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEPjIzRSrIUONO9qcK1BkLqA&google_cver=1

0
290 B

46ms
45ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEPjIzRSrIUONO9qcK1BkLqA&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 14:22:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEPjIzRSrIUONO9qcK1BkLqA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sync
pixel.advertising.com/ups/58198/ Frame 68AD 0
124 B 69ms
67ms Image
text/plain 52.28.254.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.254.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:22:05 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

/
onetag-sys.com/sync/i,29/ Frame 68AD
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/sync/i,29/?tdid=52709101-6493-4390-8395-6b3dad330a0c&ttl=1621952525

0
0

GET

sync
x.bidswitch.net/ul_cb/ Frame 68AD
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag
https://x.bidswitch.net/ul_cb/sync?ssp=onetag

0
0

GET setuid
sync.quantumdex.io/ Frame 68AD 0
0

GET

240c6085-7b0c-4a00-a878-b42cb74d38ad
onetag-sys.com/sync/i,1/ Frame E0B0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D
https://onetag-sys.com/sync/i,1/240c6085-7b0c-4a00-a878-b42cb74d38ad

0
0

GET sync.php
pixel-eu.rubiconproject.com/exchange/ Frame E0B0 0
0

GET
H2

204

/
onetag-sys.com/sync/i,19/ Frame E0B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1
https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEPjIzRSrIUONO9qcK1BkLqA&google_cver=1

0
290 B

45ms
45ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEPjIzRSrIUONO9qcK1BkLqA&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS