trans.firm.in Open in urlscan Pro
5.8.248.45  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

• https://rtbrennab.com/banner/in/show/?mid=8362235855506029427&pid=0&site=8070&sc=NL&usage_type=DCH&subid=859444372&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-10&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8070&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=269&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=859&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D859444372%26idzone%3D3830819%26w%3D300%26h%3D250%26mo%3D%26ve%3D%26site_id%3D8070%26utm1%3Dtcban_s%26utm2%3D8070%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=859444372&idzone=3830819&w=300&h=250&mo=&ve=&site_id=8070&utm1=tcban_s&utm2=8070&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=859444372&categories={{ad_tags}}

Request Chain 66

• https://rtbrennab.com/banner/in/show/?mid=3288183004696501712&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-5&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 67

• https://rtbrennab.com/banner/in/show/?mid=2140262824631948027&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-8&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 68

• https://rtbrennab.com/banner/in/show/?mid=2294552502674691431&pid=0&site=8071&sc=NL&usage_type=DCH&subid=1956573794&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-1&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8071&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D1956573794%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8071%26utm1%3Dtcban_s%26utm2%3D8071%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=1956573794&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8071&utm1=tcban_s&utm2=8071&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}}

Request Chain 69

• https://rtbrennab.com/banner/in/show/?mid=2778713014054724897&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-3&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 70

• https://rtbrennab.com/banner/in/show/?mid=1022787495199365262&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-6&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 71

• https://rtbrennab.com/banner/in/show/?mid=5895422008359558183&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-4&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 72

• https://rtbrennab.com/banner/in/show/?mid=4945626951713686502&pid=0&site=11281&sc=NL&usage_type=DCH&subid=1465302825&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-4&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=11281&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D1465302825%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D11281%26utm1%3Dtcban_s%26utm2%3D11281%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=1465302825&idzone=3830823&w=300&h=100&mo=&ve=&site_id=11281&utm1=tcban_s&utm2=11281&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1465302825&categories={{ad_tags}}

Request Chain 73

• https://rtbrennab.com/banner/in/show/?mid=4282540423270354416&pid=0&site=8071&sc=NL&usage_type=DCH&subid=1956573794&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-0&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8071&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D1956573794%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8071%26utm1%3Dtcban_s%26utm2%3D8071%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=1956573794&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8071&utm1=tcban_s&utm2=8071&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}}

Request Chain 81

• https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
• https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneFlvQMsMNaeB0wcHrza-rSC4vOiHJ4xYl2hYuslIkd4OC_xdDwqQJTqiKU7MNiZZ9eJJYXIsw HTTP 302
• https://accounts.google.com/v3/signin/identifier?dsh=S2013591205%3A1685643194779736&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneHpoJX_EyBnLZcTmPFvpmIUO0Ev-_qWecz_PFVXgLPL7IECjQp7P15qMmMMNbL86ykaSDv3FA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 85

• https://rtbrennab.com/banner/in/show/?mid=2475148670106371993&pid=0&site=10841&sc=NL&usage_type=DCH&subid=657216569&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-1&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=10841&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D657216569%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D10841%26utm1%3Dtcban_s%26utm2%3D10841%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=657216569&idzone=3830823&w=300&h=100&mo=&ve=&site_id=10841&utm1=tcban_s&utm2=10841&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=657216569&categories={{ad_tags}}

Request Chain 86

• https://rtbrennab.com/banner/in/show/?mid=1482592593767695546&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-9&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 87

• https://rtbrennab.com/banner/in/show/?mid=5055528665856230513&pid=0&site=8070&sc=NL&usage_type=DCH&subid=859444372&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-0&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8070&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=269&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=859&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D859444372%26idzone%3D3830819%26w%3D300%26h%3D250%26mo%3D%26ve%3D%26site_id%3D8070%26utm1%3Dtcban_s%26utm2%3D8070%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=859444372&idzone=3830819&w=300&h=250&mo=&ve=&site_id=8070&utm1=tcban_s&utm2=8070&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=859444372&categories={{ad_tags}}

Request Chain 88

• https://rtbrennab.com/banner/in/show/?mid=5534430106499819467&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-7&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 89

• https://rtbrennab.com/banner/in/show/?mid=6846966102594304026&pid=0&site=8072&sc=NL&usage_type=DCH&subid=1983450489&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-7&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8072&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=269&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=859&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D1983450489%26idzone%3D3830819%26w%3D300%26h%3D250%26mo%3D%26ve%3D%26site_id%3D8072%26utm1%3Dtcban_s%26utm2%3D8072%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=1983450489&idzone=3830819&w=300&h=250&mo=&ve=&site_id=8072&utm1=tcban_s&utm2=8072&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1983450489&categories={{ad_tags}}

Request Chain 90

• https://rtbrennab.com/banner/in/show/?mid=6483929298137711194&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-10&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 91

• https://rtbrennab.com/banner/in/show/?mid=5325102624136363390&pid=0&site=8072&sc=NL&usage_type=DCH&subid=1983450489&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-2&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8072&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=269&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=859&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D1983450489%26idzone%3D3830819%26w%3D300%26h%3D250%26mo%3D%26ve%3D%26site_id%3D8072%26utm1%3Dtcban_s%26utm2%3D8072%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=1983450489&idzone=3830819&w=300&h=250&mo=&ve=&site_id=8072&utm1=tcban_s&utm2=8072&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1983450489&categories={{ad_tags}}

Request Chain 92

• https://rtbrennab.com/banner/in/show/?mid=5253696703311570925&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-1&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 93

• https://rtbrennab.com/banner/in/show/?mid=2805994657587488840&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-2&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 94

• https://rtbrennab.com/banner/in/show/?mid=2861546286361867820&pid=0&site=8071&sc=NL&usage_type=DCH&subid=1956573794&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-10&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8071&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D1956573794%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8071%26utm1%3Dtcban_s%26utm2%3D8071%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=1956573794&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8071&utm1=tcban_s&utm2=8071&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}}

Request Chain 96

• https://rtbrennab.com/banner/in/show/?mid=3269376161134404634&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-3&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 97

• https://rtbrennab.com/banner/in/show/?mid=99788077475590929&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-5&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 98

• https://rtbrennab.com/banner/in/show/?mid=6877342193162214149&pid=0&site=8071&sc=NL&usage_type=DCH&subid=1956573794&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-9&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8071&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D1956573794%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8071%26utm1%3Dtcban_s%26utm2%3D8071%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=1956573794&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8071&utm1=tcban_s&utm2=8071&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}}

Request Chain 99

• https://rtbrennab.com/banner/in/show/?mid=1000378456632823072&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-8&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 100

• https://rtbrennab.com/banner/in/show/?mid=9110431236170487416&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-9&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 101

• https://rtbrennab.com/banner/in/show/?mid=5849571181290471551&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-8&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 102

• https://rtbrennab.com/banner/in/show/?mid=4200832877325080968&pid=0&site=8071&sc=NL&usage_type=DCH&subid=1956573794&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-0&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8071&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D1956573794%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8071%26utm1%3Dtcban_s%26utm2%3D8071%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=1956573794&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8071&utm1=tcban_s&utm2=8071&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}}

Request Chain 103

• https://rtbrennab.com/banner/in/show/?mid=3294492779498679766&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-6&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8073&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D2134041496%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8073%26utm1%3Dtcban_s%26utm2%3D8073%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}

Request Chain 111

• https://rtbrennab.com/banner/in/show/?mid=3136582507551001851&pid=0&site=8071&sc=NL&usage_type=DCH&subid=1956573794&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=trans.firm.in&hostname=auc-banner-hz-5&site_id=0&spot_id=0&utm_source=tcban_s&utm_medium=8071&utm_campaign=21943&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2001:1af8:4700:a069:35::9&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=270&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D1956573794%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8071%26utm1%3Dtcban_s%26utm2%3D8071%26utm3%3D21943%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26katds_labels%3D%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001 HTTP 302
• https://btds.zog.link/in/912/?sid=0&source=1956573794&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8071&utm1=tcban_s&utm2=8071&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&katds_labels=&btype=0&score=1&bf=0.0001 HTTP 302
• https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}}

Request Chain 118

• https://go.xlivrdr.com/smartpop/128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344?userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&sourceId=271333&memberId=t3FzPe0hrRg2ydIxJrLSjiT_uxwRAdrYr_FAjQ4pYOuywOc_qGrF-8bUAA-DGxyWIcqbCnQRYQZQTkOBqUejHBWalriozdeK2WR3VLM5KiZLmIk_gUIDRUi&p1=3761372&buttonColor=%23930606&liveBadgeColor=%23ff0707 HTTP 302
• https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=t3FzPe0hrRg2ydIxJrLSjiT_uxwRAdrYr_FAjQ4pYOuywOc_qGrF-8bUAA-DGxyWIcqbCnQRYQZQTkOBqUejHBWalriozdeK2WR3VLM5KiZLmIk_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460

Request Chain 123

• https://go.xlivrdr.com/smartpop/128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344?userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&sourceId=271333&memberId=ZUkKZInXjjNDMUV1mR6tMy5ZWIdwAmwaA6eAq3g9CZ2limgvqezPoPxv79gB9WMc1KBICNrcA_3S-6dPa7dfolwvczaDwrKOVT8Le_P4pb-vWgI_gUIDRUi&p1=3761372&buttonColor=%23930606&liveBadgeColor=%23ff0707 HTTP 302
• https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=ZUkKZInXjjNDMUV1mR6tMy5ZWIdwAmwaA6eAq3g9CZ2limgvqezPoPxv79gB9WMc1KBICNrcA_3S-6dPa7dfolwvczaDwrKOVT8Le_P4pb-vWgI_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460

Request Chain 128

• https://go.xlivrdr.com/smartpop/128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344?userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&sourceId=271333&memberId=s20LqIzqQG6ofV8TJU1idjnLOlsbWexLnCblzruBfaQ7ZJxmuA1UzNCylA0-yWjX4wkERPaCTDbyqR-IVp_NBCWHQM8frJIdGCRMc3EVd87alN4_gUIDRUi&p1=3761372&buttonColor=%23930606&liveBadgeColor=%23ff0707 HTTP 302
• https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=s20LqIzqQG6ofV8TJU1idjnLOlsbWexLnCblzruBfaQ7ZJxmuA1UzNCylA0-yWjX4wkERPaCTDbyqR-IVp_NBCWHQM8frJIdGCRMc3EVd87alN4_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460

Request Chain 198

• https://go.xlivrdr.com/smartpop/128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344?userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&sourceId=271333&memberId=oDboijKFWwRnjWttK82e7bunA-R-cFZsJsZyzjLgRFv7Cj-9vdovSzXRG_x70n1SknaFIY20kQ1nWtBvsS_EXouQ22dkKhxd7u-w6vOIWsb7EIE_gUIDRUi&p1=3761372&buttonColor=%23930606&liveBadgeColor=%23ff0707 HTTP 302
• https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=oDboijKFWwRnjWttK82e7bunA-R-cFZsJsZyzjLgRFv7Cj-9vdovSzXRG_x70n1SknaFIY20kQ1nWtBvsS_EXouQ22dkKhxd7u-w6vOIWsb7EIE_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460

Request Chain 330

• https://eu.doctorpost.net/nty/metrics/save.img?event=impressions&bid-id=v2-1685643195076-7-9306-1214338-c5e63b68-7868-65e5-9734-00963751baff&img=https%3A%2F%2Fcdn.adx1.com%2F177cbed865ace90cd245763dadef8805.jpeg&cpa=b350b613-5d71-4f7c-8405-a21368bd5d55&format=default-slide-b_r-body HTTP 302
• https://cdn.adx1.com/177cbed865ace90cd245763dadef8805.jpeg

331 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
19 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request img-640354e1dbc0c.html Show response trans.firm.in/	17 KB 6 KB	147ms 90ms	Document text/html	5.8.248.45 Netherlands
General Check archive.org Show headers Download Go to Full URL https://trans.firm.in/img-640354e1dbc0c.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.8.248.45 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS xxxwebdlxxx.org Software nginx/1.20.1 / PHP/5.6.40 Resource Hash f6d382490de23c063f32061f8a11ea6ffdf7b031b2ddaa9ad2a92e200a013339 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Thu, 01 Jun 2023 18:13:13 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server nginx/1.20.1 Strict-Transport-Security max-age=31536000; Transfer-Encoding chunked X-Powered-By PHP/5.6.40
GET H/1.1	200 OK	styles.css trans.firm.in/css/	22 KB 6 KB	15ms 14ms	Stylesheet text/css	5.8.248.45 Netherlands
General Check archive.org Show headers Download Go to Full URL https://trans.firm.in/css/styles.css Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.8.248.45 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS xxxwebdlxxx.org Software nginx/1.20.1 / Resource Hash 63603bdb601aa7b30ec75f1e045ab145386b3e0e62cc955fdcb680fac203ca5d Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/img-640354e1dbc0c.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:13 GMT Strict-Transport-Security max-age=31536000; Content-Encoding gzip Last-Modified Tue, 05 May 2020 23:00:10 GMT Server nginx/1.20.1 ETag W/"5eb1effa-5692" Transfer-Encoding chunked Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	jquery-1.7.1.min.js Show response trans.firm.in/js/	92 KB 38 KB	59ms 31ms	Script application/javascript	5.8.248.45 Netherlands
General Check archive.org Show headers Download Go to Full URL https://trans.firm.in/js/jquery-1.7.1.min.js Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.8.248.45 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS xxxwebdlxxx.org Software nginx/1.20.1 / Resource Hash 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/img-640354e1dbc0c.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:13 GMT Strict-Transport-Security max-age=31536000; Content-Encoding gzip Last-Modified Tue, 05 May 2020 23:00:10 GMT Server nginx/1.20.1 ETag W/"5eb1effa-16eac" Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	jquery-ui-1.8.18.custom.min.js Show response trans.firm.in/js/	205 KB 63 KB	63ms 34ms	Script application/javascript	5.8.248.45 Netherlands
General Check archive.org Show headers Download Go to Full URL https://trans.firm.in/js/jquery-ui-1.8.18.custom.min.js Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.8.248.45 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS xxxwebdlxxx.org Software nginx/1.20.1 / Resource Hash f38f53a28fe9992933dbc4ba83a76eb55e7c30c6fe84981df683ace83735ad43 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/img-640354e1dbc0c.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:13 GMT Strict-Transport-Security max-age=31536000; Content-Encoding gzip Last-Modified Tue, 05 May 2020 23:00:10 GMT Server nginx/1.20.1 ETag W/"5eb1effa-335f7" Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	jquery-ui-1.8.18.custom.css trans.firm.in/css/smoothness/	33 KB 7 KB	30ms 15ms	Stylesheet text/css	5.8.248.45 Netherlands
General Check archive.org Show headers Download Go to Full URL https://trans.firm.in/css/smoothness/jquery-ui-1.8.18.custom.css Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.8.248.45 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS xxxwebdlxxx.org Software nginx/1.20.1 / Resource Hash ed0cfc9e7c867d4f9d7eae44bf63540a7ce43a924f52ad8a18273a888398b530 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/img-640354e1dbc0c.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:13 GMT Strict-Transport-Security max-age=31536000; Content-Encoding gzip Last-Modified Tue, 05 May 2020 23:00:10 GMT Server nginx/1.20.1 ETag W/"5eb1effa-833b" Transfer-Encoding chunked Content-Type text/css Connection keep-alive
GET H/1.1	403 Forbidden	bc1913e82fecaab94a95763704a9237c.js robberyinscription.com/bc/19/13/	0 0	495ms 126ms	Script application/javascript	173.233.137.44 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://robberyinscription.com/bc/19/13/bc1913e82fecaab94a95763704a9237c.js Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.44 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:13 GMT Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Connection keep-alive Content-Length 0
GET H/1.1	403 Forbidden	7599e816942970a2304be431e358e364.js robberyinscription.com/75/99/e8/	0 0	493ms 124ms	Script application/javascript	173.233.137.44 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://robberyinscription.com/75/99/e8/7599e816942970a2304be431e358e364.js Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.233.137.44 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.19.5 / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:13 GMT Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Connection keep-alive Content-Length 0
GET H2	200	postitial.browser.css cdn.tubecorp.com/il/	1 KB 784 B	60ms 14ms	Stylesheet text/css	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.tubecorp.com/il/postitial.browser.css Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.20.1 / Resource Hash 86d7598025ea4c10bbc25c41a30bfab52e99b403c11426b57bb6dfb86151bd11 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers expires Thu, 01 Jun 2023 19:13:13 GMT date Thu, 01 Jun 2023 18:13:13 GMT content-encoding gzip last-modified Tue, 10 Nov 2020 10:03:41 GMT server nginx/1.20.1 etag W/"5faa657d-52a" content-type text/css access-control-allow-origin * cache-control max-age=3600 x-request-id 6b8b4d28bbf875b5e48e7d956e7f5022 x-proxy-cache HIT
GET H2	200	postitial.browser.js Show response cdn.tubecorp.com/il/	61 KB 22 KB	74ms 27ms	Script application/javascript	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.tubecorp.com/il/postitial.browser.js Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.20.1 / Resource Hash 3d42acd5e73bac7ce7a6f531e7ad9ede2515f30e3c8606b446886066f3914c6d Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers expires Thu, 01 Jun 2023 19:13:13 GMT date Thu, 01 Jun 2023 18:13:13 GMT content-encoding gzip last-modified Tue, 10 Nov 2020 10:03:41 GMT server nginx/1.20.1 etag W/"5faa657d-f4e6" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=3600 x-request-id 4b9d41812bd362c676a0960f0774c8c4 x-proxy-cache HIT
GET H2	200	loader.js Show response cdn.tubecorp.com/b/	2 KB 1 KB	14ms 14ms	Script application/javascript	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.tubecorp.com/b/loader.js?v=3 Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.20.1 / Resource Hash 08c240b93338ea51c179a35b3dd9a8e0ba250f64bd691fb45df792023abb1e45 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers expires Thu, 01 Jun 2023 19:13:13 GMT date Thu, 01 Jun 2023 18:13:13 GMT content-encoding gzip last-modified Wed, 14 Oct 2020 08:55:58 GMT server nginx/1.20.1 etag W/"5f86bd1e-6d1" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=3600 x-request-id 6010ffecac91e531b1ad6cd114322914 x-proxy-cache HIT
GET H2	200	c.js Show response media.dalysv.com/js/pu/	2 KB 1 KB	87ms 29ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://media.dalysv.com/js/pu/c.js Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6810e5c025311f63d066b5ae047005c8fa697df11d6bee7bce6415bd5e569891 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:13 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 120059 alt-svc h3=":443"; ma=86400 last-modified Mon, 29 May 2023 10:38:31 GMT server cloudflare etag W/"647480a7-6cb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzlwZLAliuaK4Ts%2FWDyzcGje1gItMY4iYw%2FgzA0YibeIkWvvwGw6nRXhLTJCWC7vtNUjeu8GEFOM7aE%2B5j00mxllxRhfcQnwHLwsqBk47Gi5q027wl1P3e5qwAGeRVPeQCcDPywgbdOl2Y0U2Rm2"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=259200 x-robots-tag noindex, nofollow, noarchive, noimageindex cf-ray 7d096de5eea35c62-FRA expires Sat, 03 Jun 2023 08:52:14 GMT
GET H2	200	video.instant.message.js Show response cdn.tsyndicate.com/sdk/v1/	9 KB 4 KB	248ms 22ms	Script application/javascript	8.248.117.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://cdn.tsyndicate.com/sdk/v1/video.instant.message.js Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.117.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash f0c89e9629539a17b8dcc9f46149f91bfdf0e304cb53386553d1348354bc6361 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:13 GMT content-encoding gzip last-modified Mon, 08 May 2023 09:41:36 GMT server nginx age 2100500 etag W/"6458c3d0-2285" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 3637
GET H/1.1	200 OK	top_background.png trans.firm.in/css/img/	3 KB 3 KB	15ms 14ms	Image image/png	5.8.248.45 Netherlands
General Check archive.org Show headers Download Go to Show image Full URL https://trans.firm.in/css/img/top_background.png Requested by Host: trans.firm.in URL: https://trans.firm.in/css/styles.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.8.248.45 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS xxxwebdlxxx.org Software nginx/1.20.1 / Resource Hash c707ea10736237e7ba4c6431a1ae4b37b1e44f6c58f8040583f08e18b755c702 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:13 GMT Strict-Transport-Security max-age=31536000; Last-Modified Tue, 05 May 2020 23:00:10 GMT Server nginx/1.20.1 ETag "5eb1effa-c23" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 3107
GET H2	200	p.js Show response cdn.tubecorp.com/	99 KB 36 KB	18ms 18ms	Script application/javascript	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.tubecorp.com/p.js Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.20.1 / Resource Hash d1a5db3a5fe6fee2b073e06962299a3974da4f6b57550417c3a94f4dc3f96658 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers expires Thu, 01 Jun 2023 19:13:13 GMT date Thu, 01 Jun 2023 18:13:13 GMT content-encoding gzip last-modified Mon, 26 Jul 2021 09:33:41 GMT server nginx/1.20.1 etag W/"60fe8175-18a6c" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=3600 x-request-id add5dadd140029e8fa40afe4cf974eda x-proxy-cache HIT
GET H2	200	main.js Show response sw.wpush.org/script/	25 KB 10 KB	162ms 19ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://sw.wpush.org/script/main.js?promo=21943&tcid=3401&src=766003897 Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash ce096ff08d2e06563eba6b6ffa6038756dbc1f73252df2bab34f4dbca054130c Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers expires Thu, 01 Jun 2023 18:18:13 GMT date Thu, 01 Jun 2023 18:13:13 GMT content-encoding gzip last-modified Thu, 01 Jun 2023 11:59:07 GMT server nginx/1.18.0 etag W/"6478880b-6553" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache MISS
GET		loadeactrl.go go.eabids.com/	0 0
GET H2	200	vast Show response tsyndicate.com/do2/e008fb00973b4389a673fa410fce6a57/	9 KB 4 KB	278ms 162ms	XHR application/xml	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/do2/e008fb00973b4389a673fa410fce6a57/vast?t=im-slider&w=1600&h=1200&keywords=Share,your,images,images,share,Image,Hosting,Script,img,dbc,&tz=0 Requested by Host: cdn.tsyndicate.com URL: https://cdn.tsyndicate.com/sdk/v1/video.instant.message.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 21ebe3dab9395135ccf60fac3d84bbfb649203acc79c0d503721a22d5ae57eac Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:13 GMT content-encoding gzip x-api-version 2 x-request-id 100a5c03abc6c121 pragma no-cache server nginx x-vast 3.0 vary Accept-Encoding, * access-control-allow-methods POST, GET, HEAD content-type application/xml; charset=utf-8 access-control-allow-origin https://trans.firm.in report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } cache-control no-cache, no-store, no-transform, must-revalidate, no-transform access-control-allow-credentials true x-robots-tag none, noindex, nofollow access-control-allow-headers Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy expires 0
GET H2	200	tcbanner.js Show response cdn.tubecorp.com/b/	50 KB 18 KB	22ms 22ms	Script application/javascript	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.tubecorp.com/b/tcbanner.js?v=9 Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/loader.js?v=3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.20.1 / Resource Hash 3eb693b3d6b913111d8676b4a077fce9d517b9ab46305fb6db20995e248f7517 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers expires Thu, 01 Jun 2023 19:13:13 GMT date Thu, 01 Jun 2023 18:13:13 GMT content-encoding gzip last-modified Sat, 20 Nov 2021 06:50:35 GMT server nginx/1.20.1 etag W/"61989abb-c604" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=3600 x-request-id df4ba8fa70ae2f016ec4c8e88f0b9c87 x-proxy-cache HIT
GET H2	200	code.min.js Show response media.dalysv.com/js/	36 KB 14 KB	36ms 35ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://media.dalysv.com/js/code.min.js Requested by Host: media.dalysv.com URL: https://media.dalysv.com/js/pu/c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b80d5eee2737ee3defecf38cc66aecfc26e65e201242c05562851f557622b67 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:13 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 93564 alt-svc h3=":443"; ma=86400 last-modified Mon, 29 May 2023 10:38:31 GMT server cloudflare etag W/"647480a7-8ef8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eJxRz47jX4qNThtwNCY7u4hjM4zwaBKwOcGXpcixmTUE0ypwyhCspI7uz38tnsRA6YL7mWP2qx0AQ9t98UqRRAeQKU7XlzjWnBJzpug6JhsW%2Fdpg7www2fkBKstTTBv5aslJSrVdOihG8egtr4C"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=259200 x-robots-tag noindex, nofollow, noarchive, noimageindex cf-ray 7d096de84a735c62-FRA expires Sat, 03 Jun 2023 16:13:49 GMT
GET H2	200	0fbb7a8bfe8a7f1a0f5838663b7729d5.js Show response f7133dada2.3500e6a1bc.com/	154 KB 56 KB	133ms 27ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://f7133dada2.3500e6a1bc.com/0fbb7a8bfe8a7f1a0f5838663b7729d5.js Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash b26215d91cf0620ab04a2401f037303408972417b85c8b867cc8adcd6477bd84 Request headers Referer https://trans.firm.in/ Origin https://trans.firm.in accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers expires Thu, 01 Jun 2023 18:18:13 GMT date Thu, 01 Jun 2023 18:13:13 GMT content-encoding gzip last-modified Mon, 29 May 2023 10:14:41 GMT server nginx/1.18.0 etag W/"64747b11-2697d" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	adManager.m.js Show response js.wpadmngr.com/static/	154 KB 56 KB	53ms 15ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpadmngr.com/static/adManager.m.js Requested by Host: sw.wpush.org URL: https://sw.wpush.org/script/main.js?promo=21943&tcid=3401&src=766003897 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash b26215d91cf0620ab04a2401f037303408972417b85c8b867cc8adcd6477bd84 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers expires Thu, 01 Jun 2023 18:18:13 GMT date Thu, 01 Jun 2023 18:13:13 GMT content-encoding gzip last-modified Mon, 29 May 2023 10:14:41 GMT server nginx/1.18.0 etag W/"64747b11-2697d" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	code.js Show response media.aso1.net/js/pu/	82 KB 33 KB	77ms 29ms	Script application/javascript	2606:4700:3038::6815:eadf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://media.aso1.net/js/pu/code.js Requested by Host: media.dalysv.com URL: https://media.dalysv.com/js/code.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eadf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 070114b2cd6d2d52af02ea322bc810691dc2d8a974afd62b5616155a1f64bb70 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:13 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 751633 cf-polished origSize=83798 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 10 May 2023 07:33:25 GMT server cloudflare etag W/"645b48c5-14756" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIAhSKVMVt1ewwAEqfap1kpmr%2FDbeQ1pvlUDU%2FHA%2FGmwdFNge21opGgVEKBV%2FK%2F1MX%2FrU6A3t7T%2FF8yryjtP5ajKzsaMOlibDjr7%2BEuQvsr8xnwswN%2BYjYvzATRTME61kBtQ7oDOenO78qR5ww%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=259200 x-robots-tag noindex, nofollow, noarchive, noimageindex cf-ray 7d096dea4b690b81-AMS expires Sat, 13 May 2023 09:49:31 GMT
OPTIONS H2	204	/ puwpush.com/get/ Frame	0 0	384ms 33ms	Preflight	2a01:4f8:c0:2306::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://puwpush.com/get/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:2306::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.16.0 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://trans.firm.in Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.16.0 vary Origin
POST H2	200	/ Show response puwpush.com/get/	4 KB 4 KB	428ms 427ms	XHR application/json	2a01:4f8:c0:2306::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://puwpush.com/get/ Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/p.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:2306::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.16.0 / Resource Hash d4bb461f34d0fd0665dcbaee55bde369dbbc78ce7d4fd535b07b42d00e1b3aad Request headers Referer https://trans.firm.in/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-type application/json; charset=UTF-8 Response headers pragma no-cache date Thu, 01 Jun 2023 18:13:14 GMT server nginx/1.16.0 vary Origin access-control-allow-methods * content-type application/json access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 4107
GET H2	200	video.instant.message.css cdn.tsyndicate.com/sdk/v1/	5 KB 5 KB	30ms 30ms	Stylesheet text/css	8.248.117.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://cdn.tsyndicate.com/sdk/v1/video.instant.message.css Requested by Host: cdn.tsyndicate.com URL: https://cdn.tsyndicate.com/sdk/v1/video.instant.message.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.117.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 857634cc0df9324a79abf3ae0dc675507c22f020260e3c6ba8b2f2d04c1d24ec Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:13 GMT last-modified Mon, 08 May 2023 09:41:36 GMT server nginx age 2100498 etag "6458c3d0-123b" content-type text/css accept-ranges bytes x-robots-tag noindex, nofollow content-length 4667
GET H2	200	wp-banners.js Show response js.wpshsdk.com/npc/sdk/	0 238 B	310ms 14ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpshsdk.com/npc/sdk/wp-banners.js Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/0fbb7a8bfe8a7f1a0f5838663b7729d5.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers expires Thu, 01 Jun 2023 18:18:14 GMT date Thu, 01 Jun 2023 18:13:14 GMT last-modified Fri, 20 Aug 2021 15:14:31 GMT server nginx/1.18.0 etag "611fc6d7-0" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 accept-ranges bytes content-length 0 x-proxy-cache HIT
GET H2	200	16873 Show response f7133dada2.3500e6a1bc.com/2b45a9e30bbd5164ef249b714e85c164/	4 KB 4 KB	84ms 84ms	XHR application/json	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://f7133dada2.3500e6a1bc.com/2b45a9e30bbd5164ef249b714e85c164/16873?version_name=a Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/0fbb7a8bfe8a7f1a0f5838663b7729d5.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 69c2893f0221ffd5378a3b27ce375e711923f68f19007ac67fecbae75415d4af Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers access-control-allow-origin * date Thu, 01 Jun 2023 18:13:14 GMT cache-control max-age=300 x-proxy-cache MISS server nginx/1.18.0 content-type application/json expires Thu, 01 Jun 2023 18:18:14 GMT
GET H2	206	440x250.mp4 vlcdn.tsyndicate.com/videos/5/2/4431309c6ee7eb30b9361c28c9fda0131eb359/	520 KB 521 KB	321ms 27ms	Media video/mp4	8.248.131.243 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://vlcdn.tsyndicate.com/videos/5/2/4431309c6ee7eb30b9361c28c9fda0131eb359/440x250.mp4 Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.131.243 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash e0d5a5990be06631df5d3a47190c14a09427fedc2b1e32c7592993963cb24aba Request headers Referer https://trans.firm.in/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers date Thu, 01 Jun 2023 18:13:14 GMT last-modified Wed, 24 Mar 2021 09:09:47 GMT server nginx age 17123208 etag "605b01db-820d8" vary Accept-Encoding access-control-allow-methods HEAD,GET,OPTIONS content-type video/mp4 access-control-allow-origin * Content-Range bytes 0-532695/532696 access-control-expose-headers Server,Range,Content-Length,Content-Range access-control-max-age 31536000 access-control-allow-credentials true access-control-allow-headers * Content-Length 532696
GET H2	200	/ Show response rtbbnr.com/get/ Frame EE20	2 KB 1 KB	285ms 227ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzAsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzAsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI4NTk0NDQzNzIiLCJ1dG0xIjoidGNiYW5fcyIsInV0bTIiOiI4MDcwIiwidXRtMyI6IjIxOTQzIiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiI4MDcwIiwicGFnZSI6Imh0dHBzOi8vdHJhbnMuZmlybS5pbi9pbWctNjQwMzU0ZTFkYmMwYy5odG1sIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjRhOTFjMWUzYTExZDQyNTU1ZTI1OWQxZGJkNWRkYjRjIn0sImV4dCI6eyJkdCI6MTY4NTY0MzE5NDAwOX19 Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 2228d6bbf0f87f96b465c0fe5a00a731d55c405e0576b7b879b838203de69583 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 027D	2 KB 1 KB	286ms 228ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzIsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzIsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTgzNDUwNDg5IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MiIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiODA3MiIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTF9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 4c349961b0ccfda42a091e036a6aec52537d7e3b601205557dd8db0b3dcd2a09 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 0977	2 KB 1 KB	100ms 43ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzAsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzAsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI4NTk0NDQzNzIiLCJ1dG0xIjoidGNiYW5fcyIsInV0bTIiOiI4MDcwIiwidXRtMyI6IjIxOTQzIiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiI4MDcwIiwicGFnZSI6Imh0dHBzOi8vdHJhbnMuZmlybS5pbi9pbWctNjQwMzU0ZTFkYmMwYy5odG1sIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjRhOTFjMWUzYTExZDQyNTU1ZTI1OWQxZGJkNWRkYjRjIn0sImV4dCI6eyJkdCI6MTY4NTY0MzE5NDAxMn19 Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 980379952ae055b5a4e8af59614a9bb3608074b71ee09af5255ff10d4cfcfb18 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame D72D	2 KB 1 KB	289ms 232ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzIsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzIsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTgzNDUwNDg5IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MiIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiODA3MiIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTN9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 4c992caca35d9c1be41c425b71425230044e3e1002a2620227063f1c13568654 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame B617	2 KB 1 KB	269ms 213ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjEwODQxLCJpZCI6ODYwLCJsYWJlbHMiOiIiLCJzaXRlX2lkIjoxMDg0MSwidHlwZSI6ImJhbm5lciIsInNwYWNlaWQiOjg2MCwic3BvdF9pZCI6MCwiaWR6b25lIjozODMwODIzLCJ6b25lIjoidGNfcGFiXzMwMHgxMDAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjY1NzIxNjU2OSIsInV0bTEiOiJ0Y2Jhbl9zIiwidXRtMiI6IjEwODQxIiwidXRtMyI6IjIxOTQzIiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoxMDB9fV0sInNpdGUiOnsiaWQiOiIxMDg0MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTR9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 89999db26a89b076e86feaebe9451b4a0c2cc4a386655b5ae5be5df219d8de6a Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 8EDD	2 KB 1 KB	284ms 229ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTV9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 0ec321a9dfc412cced79cb13462cf4682ef27bfc388f9b84bbd61128f7221723 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 89FE	2 KB 1 KB	134ms 79ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjExMjgxLCJpZCI6ODYwLCJsYWJlbHMiOiIiLCJzaXRlX2lkIjoxMTI4MSwidHlwZSI6ImJhbm5lciIsInNwYWNlaWQiOjg2MCwic3BvdF9pZCI6MCwiaWR6b25lIjozODMwODIzLCJ6b25lIjoidGNfcGFiXzMwMHgxMDAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjE0NjUzMDI4MjUiLCJ1dG0xIjoidGNiYW5fcyIsInV0bTIiOiIxMTI4MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiMTEyODEiLCJwYWdlIjoiaHR0cHM6Ly90cmFucy5maXJtLmluL2ltZy02NDAzNTRlMWRiYzBjLmh0bWwifSwiZGV2aWNlIjp7InciOjE2MDAsImgiOjEyMDB9LCJ1c2VyIjp7ImlkIjoiNGE5MWMxZTNhMTFkNDI1NTVlMjU5ZDFkYmQ1ZGRiNGMifSwiZXh0Ijp7ImR0IjoxNjg1NjQzMTk0MDE2fX0= Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash d9e7f0230e08603cb8b1ffb90475bf80b57925ea10196fc1b3d88d86a9c6b81f Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame AAD2	2 KB 1 KB	104ms 50ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTd9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash a5b63bb67040bd8369136915b52bd0a3473f52c6abc77cb82d1bd44cedb87bdb Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 5573	2 KB 1 KB	313ms 259ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTh9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 65fae12d69fa96bc4bbae5458405f44a871473a844ce5de109360e8fbd3bf6d8 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 02DC	2 KB 1 KB	344ms 291ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTl9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash af8409367f12387cc13029d29db2a96965146be221940ce0ccdbe3a41bd5844f Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 68DD	2 KB 1 KB	268ms 216ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjB9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash d1c003d1f2d63c1435b671d162ec06317a047a700be93495b1845e5a3428fbd7 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 4CBA	2 KB 1 KB	312ms 260ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjF9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 4d04edeb5253e37e62a2dac29a9030ef7c4c73903856a7eeffd3a1baf6700afb Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame FDC1	2 KB 1 KB	342ms 290ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjJ9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 76d7a814ea85b945a4a36903f2a606ca94ce941ba2e3e7a1d5118a6e5a94f7a4 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 169C	2 KB 1 KB	293ms 242ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjN9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 36974aca4eefeb9b50718638d177a7c09ab46cece8deedc1d775e76986261af2 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 01D5	2 KB 1 KB	108ms 58ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjR9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 600d88e8eba33b6db60ab692d4025022a1ddc1f88495bea8eeda5a709f10250e Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 7760	2 KB 1 KB	291ms 241ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjR9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 1f4ea73bf62fcc5c0bd89930843e2ef441cbe96f134a222a9c4c4d71f592bdef Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 98D9	2 KB 1 KB	125ms 75ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjV9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 1ac443d7065ffb58fb5f51d576b42562c4e386f240e9764009be7bf01d97d845 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 8E33	2 KB 1 KB	116ms 67ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjZ9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 1414ba3822cd848082ef8f04ef97435afa823353892e9e56ec72f0e73e0aa2db Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame F1A8	2 KB 1 KB	125ms 76ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjd9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash d89b8fc61ba2c3d376b137f48a2c369f7ac348084d0cdb3b5b8822cb0d833f97 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 88DF	2 KB 1 KB	300ms 252ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjd9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 3264cde84993928ac6dda967275cb38762ecc83e5594fafc4031063079bd8868 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 08F9	2 KB 1 KB	317ms 270ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjh9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash fc703b053c33dfa9095fd5b0287c3ff95a39716c547fe79d53468475fe8d5325 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame F09B	2 KB 1 KB	398ms 351ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjl9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 3b2bed24fb9c60bd8ed8a74acc706da08081a163b7befec72c32fa963572cb60 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame E955	2 KB 1 KB	281ms 234ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzB9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash af82948eddc73e974618a2463abd0c1977916f90fb06cb821b27281e808cc744 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame B6A2	2 KB 1 KB	273ms 228ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzF9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 2adc4642d55ddbfae1f3b813967ba771bdde84efc6256ff9cd56e95679eea2ff Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 8F81	2 KB 1 KB	289ms 244ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzF9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 057a3e21e1147afcf3bf0bb7af8fb7dec8c91cd1257311d72b7984750ce05e5d Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 3BCE	2 KB 1 KB	126ms 81ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzJ9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash ac64fb49eaac05b68aecbf50d55cfe0e0701c86bb1e61043d3fee1601d72ce30 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame 08E2	2 KB 1 KB	121ms 77ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzN9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash fae53a01769c4d3b8ffdd9ddf9598886c18fadd1ea56c4516c7443ef62a86c89 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response rtbbnr.com/get/ Frame F1BE	2 KB 1 KB	336ms 293ms	Document text/html	2a01:4f8:c0:33d8::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzR9fQ== Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/b/tcbanner.js?v=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:33d8::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 0991cac405250c5562175ffffe13a5468350fb596d8a59e9fa7d118c6405b316 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET DATA	200 OK	truncated /	621 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9daecfb7cbd4beb4cbc5c9770c7aa22e0d84c47e6816decf3cb89b3adfb3001b Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	260 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ede98f09ad8ffd4b654636fd94acdd0d53b93810e926755bbab627d19a3b04bc Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	track Show response 4bc0edac2f.92331e9790.com/in/	0 207 B	107ms 62ms	XHR text/plain	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://4bc0edac2f.92331e9790.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDIyODc3MzE2MTk2MDkzMTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjUxLjAiLCJ0YWdfaWQiOjAsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdGMvVW5rbm93biIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjMzLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJJbWFnZSUyQ0hvc3RpbmclMkNTY3JpcHQlMkNpbWFnZXMlMkNzaGFyZSUyQ1NoYXJlJTJDeW91ciUyQ2ltYWdlcyJ9 Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/0fbb7a8bfe8a7f1a0f5838663b7729d5.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Thu, 01 Jun 2023 18:13:14 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET H2	200	cookies Show response ntvpwpush.com/dl/ Frame FD2E	620 B 654 B	83ms 25ms	Document text/html	2a01:4f8:e0:19cb::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ntvpwpush.com/dl/cookies Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/0fbb7a8bfe8a7f1a0f5838663b7729d5.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:e0:19cb::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 252020519b9481bc71c10e8ba9fc22d687d4718b5dde817ce56b6e26b0353076 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	push.m.js Show response js.wpshsdk.com/npc/sdk/	66 KB 27 KB	20ms 20ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpshsdk.com/npc/sdk/push.m.js?v=1 Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/0fbb7a8bfe8a7f1a0f5838663b7729d5.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash d34d19ecd56df62dee9badeca8885bd94fdb1e8d298b147ec759d5402a15e523 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers expires Thu, 01 Jun 2023 18:18:14 GMT date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Thu, 01 Jun 2023 11:59:07 GMT server nginx/1.18.0 etag W/"6478880b-10616" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	5949c33526ef579791b227c61156c89a.js Show response f7133dada2.3500e6a1bc.com/	503 KB 123 KB	45ms 16ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://f7133dada2.3500e6a1bc.com/5949c33526ef579791b227c61156c89a.js Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/0fbb7a8bfe8a7f1a0f5838663b7729d5.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 0fdc9cfbddf99963ed81833f793502abb8b2f8da017a9accbbcb92d370621cfe Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers expires Thu, 01 Jun 2023 18:18:14 GMT date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Thu, 01 Jun 2023 13:26:31 GMT server nginx/1.18.0 etag W/"64789c87-7ddec" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	a96f552ae3b4257767c12c2533b379df.js Show response f7133dada2.3500e6a1bc.com/	88 KB 26 KB	80ms 51ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://f7133dada2.3500e6a1bc.com/a96f552ae3b4257767c12c2533b379df.js Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/0fbb7a8bfe8a7f1a0f5838663b7729d5.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 3f881ab7cc56a0d1102cd0430c6d4b03f79a10c86d71d08a6e733fce6cc2fb32 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers expires Thu, 01 Jun 2023 18:18:14 GMT date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 07 Dec 2022 08:28:22 GMT server nginx/1.18.0 etag W/"63904ea6-16019" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	tags Show response notification.tubecup.net/	4 KB 4 KB	90ms 32ms	XHR application/json	78.47.181.156 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://notification.tubecup.net/tags?tag_id=16873&timezone_olson=Etc/Unknown&version_name=a Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/0fbb7a8bfe8a7f1a0f5838663b7729d5.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.47.181.156 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.156.181.47.78.clients.your-server.de Software nginx/1.18.0 / Resource Hash a1efa0dfd8f0399380932f15afc2a436c7ed77956ab4128c2805a08e73c6da03 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Thu, 01 Jun 2023 18:13:14 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * content-type application/json access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 4301
OPTIONS H/1.1	204 No Content	fp fp.metricswpsh.com/ Frame	0 0	79ms 24ms	Preflight	157.90.84.242 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://trans.firm.in Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin https://trans.firm.in Connection keep-alive Date Thu, 01 Jun 2023 18:13:14 GMT Server nginx/1.20.1 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H/1.1	200 OK	fp Show response fp.metricswpsh.com/	25 B 399 B	142ms 90ms	XHR application/json	157.90.84.242 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=0 Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/0fbb7a8bfe8a7f1a0f5838663b7729d5.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash f14e29e99057fe213fe9c98ad9c2f8d0ca19a2e49436a6b356b70a15e6206d82 Request headers Referer https://trans.firm.in/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Date Thu, 01 Jun 2023 18:13:14 GMT Server nginx/1.20.1 Vary Origin Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://trans.firm.in Access-Control-Allow-Credentials true Connection keep-alive Content-Length 25
GET H2	200	00394b71264946e5bf58746cefe5435f.html Show response tsyndicate.com/iframes2/ Frame 0AE5 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=8362235855506029427&pid=0&site=8070&sc=NL&usage_type=DCH&subid=859444372&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&... https://btds.zog.link/in/912/?sid=0&source=859444372&idzone=3830819&w=300&h=250&mo=&ve=&site_id=8070&utm1=tcban_s&utm2=8070&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-6... https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=859444372&categories={{ad_tags}}	7 KB 3 KB	116ms 64ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=859444372&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzAsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzAsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI4NTk0NDQzNzIiLCJ1dG0xIjoidGNiYW5fcyIsInV0bTIiOiI4MDcwIiwidXRtMyI6IjIxOTQzIiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiI4MDcwIiwicGFnZSI6Imh0dHBzOi8vdHJhbnMuZmlybS5pbi9pbWctNjQwMzU0ZTFkYmMwYy5odG1sIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjRhOTFjMWUzYTExZDQyNTU1ZTI1OWQxZGJkNWRkYjRjIn0sImV4dCI6eyJkdCI6MTY4NTY0MzE5NDAxMn19 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 548917ea8d0decdcaffbe57766febe1edd293efdfbb4cad6f39a06582977a3cb Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id bd3ffda2e14366d1 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=859444372&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame D2E9 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=3288183004696501712&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	288ms 238ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTd9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash a957484f62d4dda9bf2312a4c6d978cc54436d56b7a580d2a17733b88df0ca11 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 069d79d91aaa824c x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame 12FA Redirect Chain https://rtbrennab.com/banner/in/show/?mid=2140262824631948027&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	321ms 279ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjR9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 9c59ab51f772999d482507b1740a294cd53ec6aa1149a532f02e813cb2a74ef1 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 1928d79ab263c6d1 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame 4D24 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=2294552502674691431&pid=0&site=8071&sc=NL&usage_type=DCH&subid=1956573794&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=1956573794&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8071&utm1=tcban_s&utm2=8071&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}}	6 KB 3 KB	224ms 182ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjZ9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 9d1bd7facdf7254c2da25119d1afb5751bc097cffdeef1f6b476cda166fb9daa Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id d84a0a03713e7816 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame 7D2F Redirect Chain https://rtbrennab.com/banner/in/show/?mid=2778713014054724897&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	204ms 153ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjV9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 0ab6b06224050719872cc1a003f2afdacf41e728af333d8bcfe0269c95072d23 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 507c60c8fa3621c9 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame D368 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=1022787495199365262&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	213ms 162ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjd9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash b7bb662f78ca914dd3fc8bee3ccda0a78b748a5d028ebd608ca66c8d30524186 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 7a30bdbc71d5c539 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame EFA2 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=5895422008359558183&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	195ms 152ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzN9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 7ea6fc80cf1f41bdd31b5da4e088f5fba90daab7b338ab0e9a2be71574ae4b10 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id f5fa4c42c58c0876 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame 7415 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=4945626951713686502&pid=0&site=11281&sc=NL&usage_type=DCH&subid=1465302825&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c... https://btds.zog.link/in/912/?sid=0&source=1465302825&idzone=3830823&w=300&h=100&mo=&ve=&site_id=11281&utm1=tcban_s&utm2=11281&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fim... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1465302825&categories={{ad_tags}}	6 KB 3 KB	220ms 183ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1465302825&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjExMjgxLCJpZCI6ODYwLCJsYWJlbHMiOiIiLCJzaXRlX2lkIjoxMTI4MSwidHlwZSI6ImJhbm5lciIsInNwYWNlaWQiOjg2MCwic3BvdF9pZCI6MCwiaWR6b25lIjozODMwODIzLCJ6b25lIjoidGNfcGFiXzMwMHgxMDAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjE0NjUzMDI4MjUiLCJ1dG0xIjoidGNiYW5fcyIsInV0bTIiOiIxMTI4MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiMTEyODEiLCJwYWdlIjoiaHR0cHM6Ly90cmFucy5maXJtLmluL2ltZy02NDAzNTRlMWRiYzBjLmh0bWwifSwiZGV2aWNlIjp7InciOjE2MDAsImgiOjEyMDB9LCJ1c2VyIjp7ImlkIjoiNGE5MWMxZTNhMTFkNDI1NTVlMjU5ZDFkYmQ1ZGRiNGMifSwiZXh0Ijp7ImR0IjoxNjg1NjQzMTk0MDE2fX0= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 357e11bdd4bc4b692b2c3156fdc1e1c2b3eb2c64b7357e79f421466ff5ecf8ef Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id ffe7c5c746b10b8d x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1465302825&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame 9EB4 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=4282540423270354416&pid=0&site=8071&sc=NL&usage_type=DCH&subid=1956573794&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=1956573794&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8071&utm1=tcban_s&utm2=8071&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}}	6 KB 3 KB	209ms 187ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzJ9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 35b547c963e77b82f9dbc43226b37595e68d65ef717a9654473b3bcc2324a69c Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id d1141cee629f3905 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	track Show response 4bc0edac2f.92331e9790.com/in/	0 206 B	51ms 51ms	XHR text/plain	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://4bc0edac2f.92331e9790.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDIyODc3MzE2MTk2MDkzMTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjUxLjAiLCJ0YWdfaWQiOjE2ODczLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiRXRjL1Vua25vd24iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40OCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiSW1hZ2UlMkNIb3N0aW5nJTJDU2NyaXB0JTJDaW1hZ2VzJTJDc2hhcmUlMkNTaGFyZSUyQ3lvdXIlMkNpbWFnZXMifQ== Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/0fbb7a8bfe8a7f1a0f5838663b7729d5.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.20.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Thu, 01 Jun 2023 18:13:14 GMT server nginx/1.20.2 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET H2	200	cookies Show response ntvpwpush.com/dl/ Frame 823B	620 B 653 B	30ms 30ms	Document text/html	2a01:4f8:e0:19cb::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ntvpwpush.com/dl/cookies Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/0fbb7a8bfe8a7f1a0f5838663b7729d5.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:e0:19cb::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 252020519b9481bc71c10e8ba9fc22d687d4718b5dde817ce56b6e26b0353076 Request headers Referer https://trans.firm.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	b6f152a47b84b3d579fba32aaed1bec4.js Show response f7133dada2.3500e6a1bc.com/	50 KB 19 KB	16ms 15ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://f7133dada2.3500e6a1bc.com/b6f152a47b84b3d579fba32aaed1bec4.js Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/0fbb7a8bfe8a7f1a0f5838663b7729d5.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 8f6de9a88452dbfde086cd429512ed91e5af705c2465f3a4d4a75b7a2baa599a Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers expires Thu, 01 Jun 2023 18:18:14 GMT date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Tue, 30 May 2023 13:20:19 GMT server nginx/1.18.0 etag W/"6475f813-c9f4" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	build.m.js Show response js.cabnnr.com/banner-admanager/	52 KB 18 KB	70ms 14ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.cabnnr.com/banner-admanager/build.m.js Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/0fbb7a8bfe8a7f1a0f5838663b7729d5.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 35befc0ef63ca02b1ea231331a916495812e89149ec366561ba911545f158d54 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers expires Thu, 01 Jun 2023 18:18:14 GMT date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Thu, 18 May 2023 10:52:31 GMT server nginx/1.18.0 etag W/"6466036f-d1cb" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	3401.php Show response f7133dada2.3500e6a1bc.com/npc/anpc/	4 B 206 B	139ms 139ms	XHR text/html	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://f7133dada2.3500e6a1bc.com/npc/anpc/3401.php Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/5949c33526ef579791b227c61156c89a.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / PHP/7.1.28 Resource Hash d7793d4cf596bc12fd217b5ab3e8a9e7d0266c65c7a1154bd22cebf405ffb582 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers expires Thu, 01 Jun 2023 18:18:14 GMT date Thu, 01 Jun 2023 18:13:14 GMT server nginx/1.18.0 x-powered-by PHP/7.1.28 content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=300 content-length 4 x-proxy-cache MISS
GET H2	200	dip Show response nereserv.com/in/	0 201 B	96ms 39ms	XHR text/plain	157.90.84.246 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://nereserv.com/in/dip?site=native-push&wl=1&event_id=18059524-9021-4cf7-9420-506b969a9993&subid=1165953372&sid=71672592&spot_id=13407&created_at=2023-06-01&timezone=0&ver=8.66.0&is_native=1 Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/5949c33526ef579791b227c61156c89a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.246 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.246.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Thu, 01 Jun 2023 18:13:14 GMT server nginx/1.20.1 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
POST H2	200	multy Show response 9ea415bca3.0816086bd1.com/in/	16 KB 16 KB	1585ms 1584ms	XHR application/json	2a01:4f8:252:561a::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://9ea415bca3.0816086bd1.com/in/multy Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/5949c33526ef579791b227c61156c89a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash e2516b836d697b54ae85e7267110d760aba96ac52320fc0dfa74b54747610fb9 Request headers Referer https://trans.firm.in/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers pragma no-cache date Thu, 01 Jun 2023 18:13:16 GMT server nginx/1.20.1 vary Origin access-control-allow-methods * content-type application/json access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 16185
GET H3	403	identifier accounts.google.com/v3/signin/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneFlvQMsMNaeB0wcHrza-rSC4vOiHJ4xYl2hYuslIkd4OC_xdDwqQJTqi... https://accounts.google.com/v3/signin/identifier?dsh=S2013591205%3A1685643194779736&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneHpoJX_EyBnLZcTmPFvpmIUO0Ev-_qWecz_PFVXgLPL7IE...	0 0	69ms 69ms	Image text/html	2a00:1450:4001:806::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/v3/signin/identifier?dsh=S2013591205%3A1685643194779736&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneHpoJX_EyBnLZcTmPFvpmIUO0Ev-_qWecz_PFVXgLPL7IECjQp7P15qMmMMNbL86ykaSDv3FA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H3 Server 2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Redirect headers date Thu, 01 Jun 2023 18:13:14 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip content-security-policy require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-bqeUNrluz-GmH12uLt2P8g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 397 x-xss-protection 1; mode=block pragma no-cache server GSE x-frame-options DENY report-to {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-type text/html; charset=UTF-8 location https://accounts.google.com/v3/signin/identifier?dsh=S2013591205%3A1685643194779736&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneHpoJX_EyBnLZcTmPFvpmIUO0Ev-_qWecz_PFVXgLPL7IECjQp7P15qMmMMNbL86ykaSDv3FA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy-report-only same-origin; report-to="coop_gse_qebhlk" expires Mon, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	204	multy 9ea415bca3.0816086bd1.com/in/ Frame	0 0	107ms 29ms	Preflight	2a01:4f8:252:561a::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://9ea415bca3.0816086bd1.com/in/multy Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://trans.firm.in Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate date Thu, 01 Jun 2023 18:13:14 GMT pragma no-cache server nginx/1.20.1 vary Origin
POST H/1.1	200 OK	fp Show response fp.metricswpsh.com/	25 B 399 B	77ms 71ms	XHR application/json	157.90.84.242 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=16873 Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/0fbb7a8bfe8a7f1a0f5838663b7729d5.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash f14e29e99057fe213fe9c98ad9c2f8d0ca19a2e49436a6b356b70a15e6206d82 Request headers Referer https://trans.firm.in/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Date Thu, 01 Jun 2023 18:13:14 GMT Server nginx/1.20.1 Vary Origin Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://trans.firm.in Access-Control-Allow-Credentials true Connection keep-alive Content-Length 25
OPTIONS H/1.1	204 No Content	fp fp.metricswpsh.com/ Frame	0 0	25ms 24ms	Preflight	157.90.84.242 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=16873 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://trans.firm.in Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin https://trans.firm.in Connection keep-alive Date Thu, 01 Jun 2023 18:13:14 GMT Server nginx/1.20.1 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame CB68 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=2475148670106371993&pid=0&site=10841&sc=NL&usage_type=DCH&subid=657216569&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=657216569&idzone=3830823&w=300&h=100&mo=&ve=&site_id=10841&utm1=tcban_s&utm2=10841&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=657216569&categories={{ad_tags}}	6 KB 3 KB	285ms 285ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=657216569&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjEwODQxLCJpZCI6ODYwLCJsYWJlbHMiOiIiLCJzaXRlX2lkIjoxMDg0MSwidHlwZSI6ImJhbm5lciIsInNwYWNlaWQiOjg2MCwic3BvdF9pZCI6MCwiaWR6b25lIjozODMwODIzLCJ6b25lIjoidGNfcGFiXzMwMHgxMDAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjY1NzIxNjU2OSIsInV0bTEiOiJ0Y2Jhbl9zIiwidXRtMiI6IjEwODQxIiwidXRtMyI6IjIxOTQzIiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoxMDB9fV0sInNpdGUiOnsiaWQiOiIxMDg0MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTR9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 197b88710a4917d05a726016aeb442fb370d15cb6a9a10f1c52895298df8f55f Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 588f0df339126f47 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=657216569&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame BCAB Redirect Chain https://rtbrennab.com/banner/in/show/?mid=1482592593767695546&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	157ms 157ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjB9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 6876233cc13acc987cf6f7400507c36653616a222c0ede8e2a6c650a02460296 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 1b1ea1c6fcde4032 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	00394b71264946e5bf58746cefe5435f.html Show response tsyndicate.com/iframes2/ Frame 0D97 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=5055528665856230513&pid=0&site=8070&sc=NL&usage_type=DCH&subid=859444372&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&... https://btds.zog.link/in/912/?sid=0&source=859444372&idzone=3830819&w=300&h=250&mo=&ve=&site_id=8070&utm1=tcban_s&utm2=8070&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-6... https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=859444372&categories={{ad_tags}}	7 KB 3 KB	67ms 67ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=859444372&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzAsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzAsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI4NTk0NDQzNzIiLCJ1dG0xIjoidGNiYW5fcyIsInV0bTIiOiI4MDcwIiwidXRtMyI6IjIxOTQzIiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiI4MDcwIiwicGFnZSI6Imh0dHBzOi8vdHJhbnMuZmlybS5pbi9pbWctNjQwMzU0ZTFkYmMwYy5odG1sIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjRhOTFjMWUzYTExZDQyNTU1ZTI1OWQxZGJkNWRkYjRjIn0sImV4dCI6eyJkdCI6MTY4NTY0MzE5NDAwOX19 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 74760ea42d5657a573c7219b06e384ef9a73846a67cbf2b557cff8e2590858a8 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 2f47541a9cec9b1c x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=859444372&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame E9B1 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=5534430106499819467&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	164ms 163ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzF9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 21e57f7eb1dc0527d4d9ef45dae7462adcd8e104af96a4a701878c25749c7a86 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 8fc5ccd574bc57ab x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	00394b71264946e5bf58746cefe5435f.html Show response tsyndicate.com/iframes2/ Frame B0F1 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=6846966102594304026&pid=0&site=8072&sc=NL&usage_type=DCH&subid=1983450489&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=1983450489&idzone=3830819&w=300&h=250&mo=&ve=&site_id=8072&utm1=tcban_s&utm2=8072&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1983450489&categories={{ad_tags}}	7 KB 3 KB	326ms 325ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1983450489&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzIsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzIsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTgzNDUwNDg5IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MiIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiODA3MiIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTF9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash bb77a1d3741b41366de0f0e2892768ae144dbae3dcb0fe6234f5e4352f50959e Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id dcf8edc6b206a4fa x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1983450489&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame 4ABC Redirect Chain https://rtbrennab.com/banner/in/show/?mid=6483929298137711194&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	244ms 243ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTV9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 57526875ce3f49bab2324210c5e62d1ac79abd9892f3f8a5baa27500a4237089 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id a1720bce6d3cec08 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	00394b71264946e5bf58746cefe5435f.html Show response tsyndicate.com/iframes2/ Frame 4A6F Redirect Chain https://rtbrennab.com/banner/in/show/?mid=5325102624136363390&pid=0&site=8072&sc=NL&usage_type=DCH&subid=1983450489&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=1983450489&idzone=3830819&w=300&h=250&mo=&ve=&site_id=8072&utm1=tcban_s&utm2=8072&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1983450489&categories={{ad_tags}}	7 KB 3 KB	91ms 91ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1983450489&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzIsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzIsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTgzNDUwNDg5IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MiIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiODA3MiIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTN9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash d1071bd2abb58b471fd4a235cc0c657f8916c885de9020b72889e4d88dd858dd Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id ec8d2fa65c7519d0 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1983450489&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame 948C Redirect Chain https://rtbrennab.com/banner/in/show/?mid=5253696703311570925&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	311ms 310ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzB9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash c74aa42a8c96aa07c86e21bbf67d1afda93bbf5412366b056f0846957b4c70be Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id d79c430e97b3296b x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame D279 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=2805994657587488840&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	225ms 225ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjR9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 5e37f498c995e69b896d0bb4e034aa8092cabd46f7c5942d15732c0389ac4010 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 9855aa51ccb5af29 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame 2298 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=2861546286361867820&pid=0&site=8071&sc=NL&usage_type=DCH&subid=1956573794&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=1956573794&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8071&utm1=tcban_s&utm2=8071&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}}	6 KB 3 KB	150ms 150ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjN9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 2a9203b51a41136c81d09a005c479b1967adc5fa0b11621c758e75442d327dda Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id d758bf173f7db1cd x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 0AE5	8 KB 3 KB	150ms 25ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzAsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzAsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI4NTk0NDQzNzIiLCJ1dG0xIjoidGNiYW5fcyIsInV0bTIiOiI4MDcwIiwidXRtMyI6IjIxOTQzIiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiI4MDcwIiwicGFnZSI6Imh0dHBzOi8vdHJhbnMuZmlybS5pbi9pbWctNjQwMzU0ZTFkYmMwYy5odG1sIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjRhOTFjMWUzYTExZDQyNTU1ZTI1OWQxZGJkNWRkYjRjIn0sImV4dCI6eyJkdCI6MTY4NTY0MzE5NDAxMn19 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame 2802 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=3269376161134404634&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	287ms 286ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzF9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash bd2456683b68b5512618c0f809d0d3916bb671f115b5255257bd5cc063bd55ca Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:15 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 9271a2e37288e8a1 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame C67F Redirect Chain https://rtbrennab.com/banner/in/show/?mid=99788077475590929&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&r... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	268ms 268ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjd9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 8bd59e267e32514ea4916fffd515306d70f2e3651a87bc17d5777dbf689421d0 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:15 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 90a0d8a20bfbce8c x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame D436 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=6877342193162214149&pid=0&site=8071&sc=NL&usage_type=DCH&subid=1956573794&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=1956573794&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8071&utm1=tcban_s&utm2=8071&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}}	6 KB 3 KB	240ms 240ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTh9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash c7cbc62ce62efdf92d79a4feba7322ecf8a2b27500c2bc88a4439d14cf106577 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 1643cd74bbec0a62 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame 5938 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=1000378456632823072&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	179ms 179ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjF9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash dc811f0808504598fc95d3ced2653c6fe1ee3149be25344edaf0381f49e4cfe6 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 96fc41cd01204a44 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame 129C Redirect Chain https://rtbrennab.com/banner/in/show/?mid=9110431236170487416&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	232ms 232ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjh9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 085976e7c24067b304a941c97dfe18dba4936875ab18f99b1bca0de58f9cd601 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:15 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 4d3e5d6a3ff962ac x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame 04B1 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=5849571181290471551&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	250ms 250ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjJ9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash ca682968a2de7ceb8febbf56e97e10bb2bbaf559125d451ceb410ea6b8b5f41c Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:15 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id ba89756d7b9c721c x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame D628 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=4200832877325080968&pid=0&site=8071&sc=NL&usage_type=DCH&subid=1956573794&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=1956573794&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8071&utm1=tcban_s&utm2=8071&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}}	6 KB 3 KB	150ms 150ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTl9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 85d07557258a413a740f127038088b6831e47a4bec95cf4813876d5689768dd2 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 20233629f2a6f7d4 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame CE44 Redirect Chain https://rtbrennab.com/banner/in/show/?mid=3294492779498679766&pid=0&site=8073&sc=NL&usage_type=DCH&subid=2134041496&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=2134041496&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8073&utm1=tcban_s&utm2=8073&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}}	6 KB 3 KB	166ms 165ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzR9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash bb1585694ccf1d41f97adb74a666044ee7e11b6bf38f5ca765f5ce1d31397a27 Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:14 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id f799b8997f8c56f7 x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame EFA2	8 KB 3 KB	48ms 25ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzN9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 7D2F	8 KB 3 KB	48ms 26ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjV9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame D368	8 KB 3 KB	43ms 23ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjd9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 0D97	8 KB 3 KB	40ms 22ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzAsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzAsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI4NTk0NDQzNzIiLCJ1dG0xIjoidGNiYW5fcyIsInV0bTIiOiI4MDcwIiwidXRtMyI6IjIxOTQzIiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiI4MDcwIiwicGFnZSI6Imh0dHBzOi8vdHJhbnMuZmlybS5pbi9pbWctNjQwMzU0ZTFkYmMwYy5odG1sIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjRhOTFjMWUzYTExZDQyNTU1ZTI1OWQxZGJkNWRkYjRjIn0sImV4dCI6eyJkdCI6MTY4NTY0MzE5NDAwOX19 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 4D24	8 KB 3 KB	34ms 23ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjZ9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 7415	8 KB 3 KB	32ms 23ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjExMjgxLCJpZCI6ODYwLCJsYWJlbHMiOiIiLCJzaXRlX2lkIjoxMTI4MSwidHlwZSI6ImJhbm5lciIsInNwYWNlaWQiOjg2MCwic3BvdF9pZCI6MCwiaWR6b25lIjozODMwODIzLCJ6b25lIjoidGNfcGFiXzMwMHgxMDAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjE0NjUzMDI4MjUiLCJ1dG0xIjoidGNiYW5fcyIsInV0bTIiOiIxMTI4MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiMTEyODEiLCJwYWdlIjoiaHR0cHM6Ly90cmFucy5maXJtLmluL2ltZy02NDAzNTRlMWRiYzBjLmh0bWwifSwiZGV2aWNlIjp7InciOjE2MDAsImgiOjEyMDB9LCJ1c2VyIjp7ImlkIjoiNGE5MWMxZTNhMTFkNDI1NTVlMjU5ZDFkYmQ1ZGRiNGMifSwiZXh0Ijp7ImR0IjoxNjg1NjQzMTk0MDE2fX0= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 9EB4	8 KB 3 KB	33ms 26ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzJ9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame 4CFA Redirect Chain https://rtbrennab.com/banner/in/show/?mid=3136582507551001851&pid=0&site=8071&sc=NL&usage_type=DCH&subid=1956573794&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=... https://btds.zog.link/in/912/?sid=0&source=1956573794&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8071&utm1=tcban_s&utm2=8071&utm3=21943&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Ftrans.firm.in%2Fimg-... https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}}	6 KB 3 KB	165ms 165ms	Document text/html	148.251.152.17 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjl9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.152.17 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.17.152.251.148.clients.your-server.de Software nginx / Resource Hash 47a2ef9d55d095f460b028bb81cb9fbff49a8bb7a449ffce17061c644f26de6e Request headers Referer https://rtbbnr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Jun 2023 18:13:15 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 3e39bd891cd4433f x-robots-tag none noindex, nofollow Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Thu, 01 Jun 2023 18:13:14 GMT location https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} pragma no-cache server nginx/1.20.1 vary *
GET H2	200	p.gif pxl.tsyndicate.com/api/v1/p/	35 B 134 B	343ms 270ms	Image image/gif	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XYkGFjzI0yNnK0MEMDB5kWNGSIwdEiB5kcInHMgJFDxg0aOWrczCHiYZg6YzKulGFmzJgYNEaakXGSRgwxZlqqHNNCRoyXYYiaqREGB4yeEMnYWWijbI6HcOqIoTgjR0qfcOAsvCETx8M5cCbqSFkjhgydD8e0kauDYw0adH2SMUN2xkMxbtxQzAFjxo0cdkW0cYORYY4YNmCg3dzZxuGKIurIYbPQ6o0an8-mlpERDR06cOboePFCzBs3Luq4STPmjRw3cOSkOeh3hovibV6wcQEHDZwfcHqM0WEGj507cuCMoUFeTI0aKuXE4FIHBgyOZHrYiJFjDNaCYcTckDFDZw4x7uFg0A3sucfRHD3w5ZdOBb5ngxg90FfZZTg0yJEYy_UAgwuVWWgDHBnOoAQWSGBRhw03qLHGHGccUUYNUyxxBhtWmGGGiXkZQUQbWqz4BRRSnCEGHDCgkQYTVwRRxwxXyDDHHHfcUAUNcUSRxhNBqBGGlVfEwEYRS5iRxBFEZLGGEjegMYMaURhZhBNUsFEGE0egYUQbRYRRxhpMwCHGS0nQIcMaRARxRxx3fHFGFUkQIUUVaXgoWHaGIVZhew6uUUYedxgX3xRohCFHGSXIMEQeb6hW6hBptBHGGWXMsWqrr8a66hyhjrpqEq7CuioSb8xBRxqcrTrFGMrlNWsbZ6xKhhhjrOohGTLIN8O0MfRQKV3TzqDhtDT0QNcMlxpoAxk19OAEE9Pa0AMe8N5Rxp9swIuHC8adMe0NPSThhrBhuEHHCk3EOketK8jw3rWYwodDgmCR8UYbGdEhR8BzuGBGGnK04QKxYI0Rhl5bzBBDF2jJEZQOM5TRAgwOiQDVQhvCgNoYcLTxRXIr18wfanLYQRh_D5WBM8U61OxYanWkkZFbf9awFUs1PGgDSi_N0AIOYoiR1A1tgV0DDhtZRQNYaRAmgmUulOSCW23z9JAcX6SdEdtuw40TWHWEkVETb-iRBhtshPFCDRyCgMIVxEp8xxwgwAlCDDXvAALjbthAg-V4aJ4CCEHEJecV8y6RBh2Hsz2DDYovgQQVTTDBAghspKEpCC6OscYbnw-BhhwTl_FCDEhx6IJO_b0NAwhThGGGqGmkfoMLq4e8sgjrgmXcF0ZllP1DbFz_vQgH2fHFqKwxpFNfY9Pg3txnSFaYTqiV_4UYciyUmf1tvEFGazhAykPIADyKPCRYC6FByt6AhzwkcIB5kJ_F6lCGuZWBMToYyG1ys5sXWAxjGuOYx4j1ArDcISOgcQ9Y0IBChX3lLkHLCPDoMDLjtEA4p2tBDHDgAjIchTYDvN5BvuBDv4CFDkgDDQ6qRgOT5WBpSKQNQ2ywRM05kVyYUcz5YgWHL4yMIlRk4hV9Iga9kO-CP2HDRNASPpoFpjMw6IMCAgI%3D&r=1&s=669879acd32a95c535f19b6a999466af1c7ec3f2b196f0858cc7a1db7c8d18ad1685643193&w=t Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT server nginx x-robots-tag noindex, nofollow content-length 35 content-type text/plain; charset=utf-8
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 4A6F	8 KB 3 KB	28ms 28ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzIsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzIsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTgzNDUwNDg5IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MiIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiODA3MiIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTN9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame D2E9	8 KB 3 KB	26ms 25ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTd9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame BCAB	8 KB 3 KB	22ms 21ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjB9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame E9B1	8 KB 3 KB	22ms 22ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzF9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 12FA	8 KB 3 KB	23ms 22ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjR9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	Universal Show response creative.xliirdr.com/widgets/v4/ Frame E80A Redirect Chain https://go.xlivrdr.com/smartpop/128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344?userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&sourceId=271333&memberId=t3F... https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpo...	852 B 371 B	70ms 26ms	Document text/html	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=t3FzPe0hrRg2ydIxJrLSjiT_uxwRAdrYr_FAjQ4pYOuywOc_qGrF-8bUAA-DGxyWIcqbCnQRYQZQTkOBqUejHBWalriozdeK2WR3VLM5KiZLmIk_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=859444372&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fb0d10e2604f73659fdddd9774473f938b9aa6cc9f478eed9cb2dc2a5c138c7 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 2 alt-svc h3=":443"; ma=86400 cache-control max-age=10 cf-cache-status HIT cf-ray 7d096df0faac0c85-AMS content-encoding br content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT expires Thu, 01 Jun 2023 18:13:23 GMT last-modified Mon, 29 May 2023 11:40:40 GMT pragma public report-to { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 } server cloudflare strict-transport-security max-age=15768000 vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, x-requested-with alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d096df06a6b0b8e-AMS content-length 0 date Thu, 01 Jun 2023 18:13:14 GMT location https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=t3FzPe0hrRg2ydIxJrLSjiT_uxwRAdrYr_FAjQ4pYOuywOc_qGrF-8bUAA-DGxyWIcqbCnQRYQZQTkOBqUejHBWalriozdeK2WR3VLM5KiZLmIk_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 server cloudflare
GET H2	200	10010242 Show response a.adtng.com/get/ Frame A06E	21 KB 9 KB	72ms 32ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=O_z79-sXTLtheVPGyYmWQXG0UBuZspta1dRdzKeXS04PKkQVdbMvddoIx8C315cSipb6sFj_AlyLmf68w4mu-pYRhF6wenrBjY7YGQz1lotsm-VCbUN2NyxYKHUCv9etJ7A_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash c20c0319072b218560dd00a200e839a09d796bfc1cc5247b4d8f00e92a4d00f8 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT server openresty
GET H2	200	10010242 Show response a.adtng.com/get/ Frame 9AA2	21 KB 9 KB	56ms 18ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=Hj4mX_Vz3mzdbFqKkSx4ma0_F_GGdBrB_WbiurKlJUoxAc9CUKE75qsphYnE0E_NualprKJ6TFWeCuc-8CuV-efm_rElTTJQI70a7wt-okgCDXtOtHl0Qq1hyMjuyaG1YIc_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash bad8f86228d74313c74e18390d67745f40909614d18bca9d9df49ecff42d76a2 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT server openresty
GET H2	200	10010242 Show response a.adtng.com/get/ Frame C1DC	21 KB 9 KB	71ms 35ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=-qBs6BfO6yoBeBQPHki_vJI8FhnOkkKXeeotRAppflzkUds1q9-RVvfTIhDAy5xw2S6Nt7TlNslcLn6czBVaKA7NFSSFURPs1-UtjPUbsAzrzP8zmwhaMlEDT5h8mYJJXes_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1465302825&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash 9b8e02c7e1dcac73070c7d352583bb46dfa4714f8606327aa092bfa97789091b Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT server openresty
GET H2	200	10010242 Show response a.adtng.com/get/ Frame 34DF	21 KB 9 KB	59ms 26ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=15Zr4xhPIacNIXx03EG0x9mcqBpEGzZEgG3gsKBlXxDPH2_rRtWoZm_-tZ9FXUweoE3oiODlYleXt6-xsAAgbUhBf2H4tIRxWBPA6JbGVDfMh2QZTB2yLd91xNVTIR7jIh8_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash a4c6005e8d442ca4bd10d9188f0c9dd325c1cf1396608ed33ffef389b4cf0e71 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT server openresty
GET H2	200	Universal Show response creative.xliirdr.com/widgets/v4/ Frame A63A Redirect Chain https://go.xlivrdr.com/smartpop/128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344?userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&sourceId=271333&memberId=ZUk... https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpo...	852 B 371 B	76ms 25ms	Document text/html	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=ZUkKZInXjjNDMUV1mR6tMy5ZWIdwAmwaA6eAq3g9CZ2limgvqezPoPxv79gB9WMc1KBICNrcA_3S-6dPa7dfolwvczaDwrKOVT8Le_P4pb-vWgI_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=859444372&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fb0d10e2604f73659fdddd9774473f938b9aa6cc9f478eed9cb2dc2a5c138c7 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 2 alt-svc h3=":443"; ma=86400 cache-control max-age=10 cf-cache-status HIT cf-ray 7d096df0eaab0c85-AMS content-encoding br content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT expires Thu, 01 Jun 2023 18:13:23 GMT last-modified Mon, 29 May 2023 11:40:40 GMT pragma public report-to { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 } server cloudflare strict-transport-security max-age=15768000 vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, x-requested-with alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d096df06a6d0b8e-AMS content-length 0 date Thu, 01 Jun 2023 18:13:14 GMT location https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=ZUkKZInXjjNDMUV1mR6tMy5ZWIdwAmwaA6eAq3g9CZ2limgvqezPoPxv79gB9WMc1KBICNrcA_3S-6dPa7dfolwvczaDwrKOVT8Le_P4pb-vWgI_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 server cloudflare
GET H2	200	10010242 Show response a.adtng.com/get/ Frame 9997	21 KB 9 KB	65ms 40ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=AgCQErd0edO8R05mwVN7-JMjQJCLeDmIY1jrdhXf3suMhVoOPvFdMaXJiOJfUaHCGHSZsNAFzQZc1dbMTDHdDx9BuEoZbmKEz2uRlvDX6q80eg8AYiDwteGgxpSryVMhb4U_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash 6c9399d19748d4cfb5fdba3caadedb7d46df649eac0e63ee27840c8313b215f8 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT server openresty
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 2298	8 KB 3 KB	21ms 21ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjN9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	10010242 Show response a.adtng.com/get/ Frame E68B	21 KB 9 KB	56ms 41ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=_bc7cXL9z3cDlaU-fxrgpBzQcd9Ln2Y_xEyXe7JOoxeGze0MYovlCzjpXGjeVlt_Y6JiCTIMWoQecJ7lrAwvzaX8-gp057c8zh_8p-HIbwEgN8B1ooOJT5ml_GtqDqnEKQ_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash b1d0fc60a619dc1bc303e38cb7f0fb5bbc8e5377b839f83933307b532fd63fde Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT server openresty
GET H2	200	10010242 Show response a.adtng.com/get/ Frame 4C96	21 KB 9 KB	20ms 19ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=aRUa5tNG4xblk_G3uOV1MUVpECe4Yz2bVzpBBbiVexbO-af_FEUBdf8bO72d1zx0ENXdOjpYWSJr96622IZBrOBJ5Jr_GSQptuZTJpUOtYAwW-qvA-mVKSocUzrK9CyqDds_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash 789878654c23f3982f09d80fc6b29dfa65b19efbecec9b8d7b178ad08da3e994 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT server openresty
GET H2	200	Universal Show response creative.xliirdr.com/widgets/v4/ Frame 6EC4 Redirect Chain https://go.xlivrdr.com/smartpop/128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344?userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&sourceId=271333&memberId=s20... https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpo...	852 B 648 B	39ms 24ms	Document text/html	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=s20LqIzqQG6ofV8TJU1idjnLOlsbWexLnCblzruBfaQ7ZJxmuA1UzNCylA0-yWjX4wkERPaCTDbyqR-IVp_NBCWHQM8frJIdGCRMc3EVd87alN4_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1983450489&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fb0d10e2604f73659fdddd9774473f938b9aa6cc9f478eed9cb2dc2a5c138c7 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 2 alt-svc h3=":443"; ma=86400 cache-control max-age=10 cf-cache-status HIT cf-ray 7d096df0faad0c85-AMS content-encoding br content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT expires Thu, 01 Jun 2023 18:13:23 GMT last-modified Mon, 29 May 2023 11:40:40 GMT pragma public report-to { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 } server cloudflare strict-transport-security max-age=15768000 vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, x-requested-with alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d096df09ac90b8e-AMS content-length 0 date Thu, 01 Jun 2023 18:13:14 GMT location https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=s20LqIzqQG6ofV8TJU1idjnLOlsbWexLnCblzruBfaQ7ZJxmuA1UzNCylA0-yWjX4wkERPaCTDbyqR-IVp_NBCWHQM8frJIdGCRMc3EVd87alN4_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 server cloudflare
POST H2	200	/ Show response mcppsh.com/get/	5 KB 5 KB	444ms 422ms	Fetch application/json	2a01:4f8:c0:2306::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mcppsh.com/get/ Requested by Host: f7133dada2.3500e6a1bc.com URL: https://f7133dada2.3500e6a1bc.com/b6f152a47b84b3d579fba32aaed1bec4.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:2306::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.16.0 / Resource Hash c41b01a92bbfc349d0789281cbc189d175b8977fd121b91ef022b9def4d0a0ba Request headers Referer https://trans.firm.in/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 01 Jun 2023 18:13:15 GMT server nginx/1.16.0 vary Origin access-control-allow-methods * content-type application/json access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 4627
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 4ABC	8 KB 3 KB	27ms 22ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTV9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame CB68	8 KB 3 KB	27ms 24ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjEwODQxLCJpZCI6ODYwLCJsYWJlbHMiOiIiLCJzaXRlX2lkIjoxMDg0MSwidHlwZSI6ImJhbm5lciIsInNwYWNlaWQiOjg2MCwic3BvdF9pZCI6MCwiaWR6b25lIjozODMwODIzLCJ6b25lIjoidGNfcGFiXzMwMHgxMDAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjY1NzIxNjU2OSIsInV0bTEiOiJ0Y2Jhbl9zIiwidXRtMiI6IjEwODQxIiwidXRtMyI6IjIxOTQzIiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoxMDB9fV0sInNpdGUiOnsiaWQiOiIxMDg0MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTR9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	10010242 Show response a.adtng.com/get/ Frame 6AB9	21 KB 9 KB	19ms 17ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=HogSGGNOjc7OLvjhB3mygJVFyR8pwtZsAoYfVXyupc1OxnUyJ-3ht6gC7LJmZOXPZ2HSEAmu-ftJi-A5txvIBvY4U_O5AJDbmeuukyTw2Ao8WfDRg_bXrvfmE9-pxrBTFx0_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash f1fa81169b6f105d3b172e7857445bb4cbd30c9295d950ec1dc1adc21a8a997f Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT server openresty
GET H2	200	vortex-simple-1.0.0.js Show response ht-cdn2.adtng.com/delivery/vortex/ Frame 9AA2	5 KB 5 KB	500ms 25ms	Script application/javascript	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=Hj4mX_Vz3mzdbFqKkSx4ma0_F_GGdBrB_WbiurKlJUoxAc9CUKE75qsphYnE0E_NualprKJ6TFWeCuc-8CuV-efm_rElTTJQI70a7wt-okgCDXtOtHl0Qq1hyMjuyaG1YIc_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Fri, 02 Nov 2018 14:17:11 GMT etag "13a3-579af30f7688b" vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=10658409 x-cdn-diag fra1-11014-2-12121-h-0-0---;11014-20-6179----0-0-1 accept-ranges bytes content-length 5027 expires Sun, 10 Sep 2023 06:35:10 GMT
GET H2	200	1061051_logo.png ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 9AA2	3 KB 3 KB	577ms 104ms	Image image/png	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=Hj4mX_Vz3mzdbFqKkSx4ma0_F_GGdBrB_WbiurKlJUoxAc9CUKE75qsphYnE0E_NualprKJ6TFWeCuc-8CuV-efm_rElTTJQI70a7wt-okgCDXtOtHl0Qq1hyMjuyaG1YIc_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Mon, 06 Mar 2023 17:40:00 GMT etag "ab8-5f63ec8c03c00" access-control-allow-methods GET,HEAD,OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=10647197 x-cdn-diag fra1-11014-3-12174-h-0-0---;11014-20-6179----0-2-1 accept-ranges bytes content-length 2744 expires Sat, 09 Sep 2023 03:34:58 GMT
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 9AA2	16 KB 17 KB	18ms 17ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=Hj4mX_Vz3mzdbFqKkSx4ma0_F_GGdBrB_WbiurKlJUoxAc9CUKE75qsphYnE0E_NualprKJ6TFWeCuc-8CuV-efm_rElTTJQI70a7wt-okgCDXtOtHl0Qq1hyMjuyaG1YIc_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop202.am5.t,1685643195.cds286.am5.shn,1685643195.dop202.am5.t,1685643195.cds277.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10434140 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame D279	8 KB 3 KB	25ms 22ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjR9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:14 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874347 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	10010242 Show response a.adtng.com/get/ Frame 1DF5	21 KB 9 KB	18ms 18ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=w44Fn6v0uOPZYo6KrO8cIu2UfUculjbFCuzFmNhAexZhTnr9dpZVNS4OrYjR5iEFSwchF9V8ZrPXHHGVoQ6ac6rtzT7_23_sWpdVht5duiWVbouSC6MyttNIXh-YGQYznvk_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash 0d2a0203a86b6870d772d5ad85a603b6894c25141a6d028e58e648de2ade22e8 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:14 GMT server openresty
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame 34DF	5 KB 5 KB	82ms 14ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=15Zr4xhPIacNIXx03EG0x9mcqBpEGzZEgG3gsKBlXxDPH2_rRtWoZm_-tZ9FXUweoE3oiODlYleXt6-xsAAgbUhBf2H4tIRxWBPA6JbGVDfMh2QZTB2yLd91xNVTIR7jIh8_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1685643195.dop202.am5.t,1685643195.cds286.am5.shn,1685643195.cds286.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10708880 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H2	200	1061051_logo.png ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 34DF	3 KB 3 KB	530ms 72ms	Image image/png	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=15Zr4xhPIacNIXx03EG0x9mcqBpEGzZEgG3gsKBlXxDPH2_rRtWoZm_-tZ9FXUweoE3oiODlYleXt6-xsAAgbUhBf2H4tIRxWBPA6JbGVDfMh2QZTB2yLd91xNVTIR7jIh8_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Mon, 06 Mar 2023 17:40:00 GMT etag "ab8-5f63ec8c03c00" access-control-allow-methods GET,HEAD,OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=10647197 x-cdn-diag fra1-11014-3-12185-h-0-0---;11014-20-6179----0-0-2 accept-ranges bytes content-length 2744 expires Sat, 09 Sep 2023 03:34:58 GMT
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 34DF	16 KB 17 KB	15ms 15ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=15Zr4xhPIacNIXx03EG0x9mcqBpEGzZEgG3gsKBlXxDPH2_rRtWoZm_-tZ9FXUweoE3oiODlYleXt6-xsAAgbUhBf2H4tIRxWBPA6JbGVDfMh2QZTB2yLd91xNVTIR7jIh8_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop254.am5.t,1685643195.cds235.am5.shn,1685643195.dop254.am5.t,1685643195.cds143.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10662892 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 5938	8 KB 3 KB	22ms 21ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjF9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874348 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	vortex-simple-1.0.0.js Show response ht-cdn2.adtng.com/delivery/vortex/ Frame A06E	5 KB 5 KB	469ms 26ms	Script application/javascript	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=O_z79-sXTLtheVPGyYmWQXG0UBuZspta1dRdzKeXS04PKkQVdbMvddoIx8C315cSipb6sFj_AlyLmf68w4mu-pYRhF6wenrBjY7YGQz1lotsm-VCbUN2NyxYKHUCv9etJ7A_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Fri, 02 Nov 2018 14:17:11 GMT etag "13a3-579af30f7688b" vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=10658409 x-cdn-diag fra1-11014-2-12118-h-0-0---;11014-20-6179----0-0-1 accept-ranges bytes content-length 5027 expires Sun, 10 Sep 2023 06:35:10 GMT
GET H/1.1	200 OK	1060063_logo.png hw-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/ Frame A06E	3 KB 3 KB	83ms 16ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/1060063_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=O_z79-sXTLtheVPGyYmWQXG0UBuZspta1dRdzKeXS04PKkQVdbMvddoIx8C315cSipb6sFj_AlyLmf68w4mu-pYRhF6wenrBjY7YGQz1lotsm-VCbUN2NyxYKHUCv9etJ7A_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 17 Feb 2023 16:58:00 GMT ETag "1676653080" X-HW 1685643195.dop202.am5.t,1685643195.cds286.am5.shn,1685643195.dop202.am5.t,1685643195.cds300.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10405377 Connection Keep-Alive Accept-Ranges bytes Content-Length 2744
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame A06E	16 KB 17 KB	17ms 16ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=O_z79-sXTLtheVPGyYmWQXG0UBuZspta1dRdzKeXS04PKkQVdbMvddoIx8C315cSipb6sFj_AlyLmf68w4mu-pYRhF6wenrBjY7YGQz1lotsm-VCbUN2NyxYKHUCv9etJ7A_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop230.am5.t,1685643195.cds324.am5.shn,1685643195.dop230.am5.t,1685643195.cds143.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10662892 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame C1DC	5 KB 5 KB	54ms 15ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=-qBs6BfO6yoBeBQPHki_vJI8FhnOkkKXeeotRAppflzkUds1q9-RVvfTIhDAy5xw2S6Nt7TlNslcLn6czBVaKA7NFSSFURPs1-UtjPUbsAzrzP8zmwhaMlEDT5h8mYJJXes_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1685643195.dop206.am5.t,1685643195.cds130.am5.shn,1685643195.cds130.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10368819 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H2	200	1060063_logo.png ht-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/ Frame C1DC	3 KB 3 KB	497ms 71ms	Image image/png	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/1060063_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=-qBs6BfO6yoBeBQPHki_vJI8FhnOkkKXeeotRAppflzkUds1q9-RVvfTIhDAy5xw2S6Nt7TlNslcLn6czBVaKA7NFSSFURPs1-UtjPUbsAzrzP8zmwhaMlEDT5h8mYJJXes_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Fri, 17 Feb 2023 16:58:00 GMT etag "ab8-5f4e8373eb600" access-control-allow-methods GET,HEAD,OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=10775710 x-cdn-diag fra1-11037-3-899720-h-0-0---;11014-20-6179----0-0-2 accept-ranges bytes content-length 2744 expires Tue, 15 Aug 2023 14:11:26 GMT
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame C1DC	16 KB 17 KB	15ms 14ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=-qBs6BfO6yoBeBQPHki_vJI8FhnOkkKXeeotRAppflzkUds1q9-RVvfTIhDAy5xw2S6Nt7TlNslcLn6czBVaKA7NFSSFURPs1-UtjPUbsAzrzP8zmwhaMlEDT5h8mYJJXes_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop230.am5.t,1685643195.cds324.am5.shn,1685643195.dop230.am5.t,1685643195.cds143.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10662892 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame 9997	5 KB 5 KB	60ms 17ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=AgCQErd0edO8R05mwVN7-JMjQJCLeDmIY1jrdhXf3suMhVoOPvFdMaXJiOJfUaHCGHSZsNAFzQZc1dbMTDHdDx9BuEoZbmKEz2uRlvDX6q80eg8AYiDwteGgxpSryVMhb4U_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1685643195.dop254.am5.t,1685643195.cds235.am5.shn,1685643195.dop254.am5.t,1685643195.cds143.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10629682 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H/1.1	200 OK	1061051_logo.png hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 9997	3 KB 3 KB	66ms 17ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=AgCQErd0edO8R05mwVN7-JMjQJCLeDmIY1jrdhXf3suMhVoOPvFdMaXJiOJfUaHCGHSZsNAFzQZc1dbMTDHdDx9BuEoZbmKEz2uRlvDX6q80eg8AYiDwteGgxpSryVMhb4U_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:40:00 GMT ETag "1678124400" X-HW 1685643195.dop122.am5.t,1685643195.cds130.am5.shn,1685643195.dop122.am5.t,1685643195.cds149.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10797898 Connection Keep-Alive Accept-Ranges bytes Content-Length 2744
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 9997	16 KB 17 KB	15ms 14ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=AgCQErd0edO8R05mwVN7-JMjQJCLeDmIY1jrdhXf3suMhVoOPvFdMaXJiOJfUaHCGHSZsNAFzQZc1dbMTDHdDx9BuEoZbmKEz2uRlvDX6q80eg8AYiDwteGgxpSryVMhb4U_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop004.am5.t,1685643195.cds201.am5.shn,1685643195.cds201.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10754949 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	vortex-simple-1.0.0.js Show response ht-cdn2.adtng.com/delivery/vortex/ Frame E68B	5 KB 5 KB	448ms 27ms	Script application/javascript	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=_bc7cXL9z3cDlaU-fxrgpBzQcd9Ln2Y_xEyXe7JOoxeGze0MYovlCzjpXGjeVlt_Y6JiCTIMWoQecJ7lrAwvzaX8-gp057c8zh_8p-HIbwEgN8B1ooOJT5ml_GtqDqnEKQ_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Fri, 02 Nov 2018 14:17:11 GMT etag "13a3-579af30f7688b" vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=10658409 x-cdn-diag fra1-11014-2-12119-h-0-0---;11014-20-6179----0-0-1 accept-ranges bytes content-length 5027 expires Sun, 10 Sep 2023 06:35:10 GMT
GET H/1.1	200 OK	1061051_logo.png hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame E68B	3 KB 3 KB	66ms 17ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=_bc7cXL9z3cDlaU-fxrgpBzQcd9Ln2Y_xEyXe7JOoxeGze0MYovlCzjpXGjeVlt_Y6JiCTIMWoQecJ7lrAwvzaX8-gp057c8zh_8p-HIbwEgN8B1ooOJT5ml_GtqDqnEKQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:40:00 GMT ETag "1678124400" X-HW 1685643195.dop206.am5.t,1685643195.cds130.am5.shn,1685643195.dop206.am5.t,1685643195.cds149.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10797898 Connection Keep-Alive Accept-Ranges bytes Content-Length 2744
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame E68B	16 KB 17 KB	15ms 15ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=_bc7cXL9z3cDlaU-fxrgpBzQcd9Ln2Y_xEyXe7JOoxeGze0MYovlCzjpXGjeVlt_Y6JiCTIMWoQecJ7lrAwvzaX8-gp057c8zh_8p-HIbwEgN8B1ooOJT5ml_GtqDqnEKQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop254.am5.t,1685643195.cds235.am5.shn,1685643195.dop254.am5.t,1685643195.cds143.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10662892 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame D628	8 KB 3 KB	23ms 23ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTl9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874348 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame B0F1	8 KB 3 KB	24ms 24ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzIsImlkIjo4NTksImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzIsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NTksInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgxOSwiem9uZSI6InRjX3BhYl8zMDB4MjUwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTgzNDUwNDg5IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MiIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiODA3MiIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTF9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874348 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame 4C96	5 KB 5 KB	52ms 15ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=aRUa5tNG4xblk_G3uOV1MUVpECe4Yz2bVzpBBbiVexbO-af_FEUBdf8bO72d1zx0ENXdOjpYWSJr96622IZBrOBJ5Jr_GSQptuZTJpUOtYAwW-qvA-mVKSocUzrK9CyqDds_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1685643195.dop004.am5.t,1685643195.cds201.am5.shn,1685643195.cds201.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10373576 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H2	200	1061051_logo.png ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 4C96	3 KB 3 KB	465ms 51ms	Image image/png	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=aRUa5tNG4xblk_G3uOV1MUVpECe4Yz2bVzpBBbiVexbO-af_FEUBdf8bO72d1zx0ENXdOjpYWSJr96622IZBrOBJ5Jr_GSQptuZTJpUOtYAwW-qvA-mVKSocUzrK9CyqDds_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Mon, 06 Mar 2023 17:40:00 GMT etag "ab8-5f63ec8c03c00" access-control-allow-methods GET,HEAD,OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=10647197 x-cdn-diag fra1-11014-3-12185-h-0-0---;11014-20-6179----0-0-0 accept-ranges bytes content-length 2744 expires Sat, 09 Sep 2023 03:34:58 GMT
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 4C96	16 KB 17 KB	15ms 15ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=aRUa5tNG4xblk_G3uOV1MUVpECe4Yz2bVzpBBbiVexbO-af_FEUBdf8bO72d1zx0ENXdOjpYWSJr96622IZBrOBJ5Jr_GSQptuZTJpUOtYAwW-qvA-mVKSocUzrK9CyqDds_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop230.am5.t,1685643195.cds324.am5.shn,1685643195.dop230.am5.t,1685643195.cds143.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10662892 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame CE44	8 KB 3 KB	23ms 21ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzR9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874348 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 948C	8 KB 3 KB	24ms 24ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzB9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874348 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	10010242 Show response a.adtng.com/get/ Frame 5E96	21 KB 9 KB	18ms 18ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=5ZlefOKyz92A_i3Xesg19VS_Ty_0zx_VMvsfvs6xEtUPzPhqltcvTiVrgDadUIFWLZg4UzYU6dflItnuh1sQ2H_Kkjk2RxKnHTr3xPg9gXmJdih0h4JQORAjNmFmtyBaHw_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash 5ee719efdf8d90a90a2deeadb1ca3bda6689ae6ee4bbce7ea6f6198c89ab5f39 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT server openresty
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame D436	8 KB 3 KB	21ms 21ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMTh9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874348 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame 6AB9	5 KB 5 KB	44ms 18ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=HogSGGNOjc7OLvjhB3mygJVFyR8pwtZsAoYfVXyupc1OxnUyJ-3ht6gC7LJmZOXPZ2HSEAmu-ftJi-A5txvIBvY4U_O5AJDbmeuukyTw2Ao8WfDRg_bXrvfmE9-pxrBTFx0_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1685643195.dop230.am5.t,1685643195.cds324.am5.shn,1685643195.dop230.am5.t,1685643195.cds143.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10629682 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H2	200	1061051_logo.png ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 6AB9	3 KB 3 KB	475ms 71ms	Image image/png	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=HogSGGNOjc7OLvjhB3mygJVFyR8pwtZsAoYfVXyupc1OxnUyJ-3ht6gC7LJmZOXPZ2HSEAmu-ftJi-A5txvIBvY4U_O5AJDbmeuukyTw2Ao8WfDRg_bXrvfmE9-pxrBTFx0_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Mon, 06 Mar 2023 17:40:00 GMT etag "ab8-5f63ec8c03c00" access-control-allow-methods GET,HEAD,OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=10647197 x-cdn-diag fra1-11014-3-12175-h-0-0---;11014-20-6179----0-0-3 accept-ranges bytes content-length 2744 expires Sat, 09 Sep 2023 03:34:58 GMT
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 6AB9	16 KB 17 KB	15ms 14ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=HogSGGNOjc7OLvjhB3mygJVFyR8pwtZsAoYfVXyupc1OxnUyJ-3ht6gC7LJmZOXPZ2HSEAmu-ftJi-A5txvIBvY4U_O5AJDbmeuukyTw2Ao8WfDRg_bXrvfmE9-pxrBTFx0_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop254.am5.t,1685643195.cds235.am5.shn,1685643195.dop254.am5.t,1685643195.cds143.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10662892 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	vortex-simple-1.0.0.js Show response ht-cdn2.adtng.com/delivery/vortex/ Frame 1DF5	5 KB 5 KB	432ms 34ms	Script application/javascript	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=w44Fn6v0uOPZYo6KrO8cIu2UfUculjbFCuzFmNhAexZhTnr9dpZVNS4OrYjR5iEFSwchF9V8ZrPXHHGVoQ6ac6rtzT7_23_sWpdVht5duiWVbouSC6MyttNIXh-YGQYznvk_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Fri, 02 Nov 2018 14:17:11 GMT etag "13a3-579af30f7688b" vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=10658409 x-cdn-diag fra1-11014-2-12118-h-0-0---;11014-20-6179----0-0-1 accept-ranges bytes content-length 5027 expires Sun, 10 Sep 2023 06:35:10 GMT
GET H2	200	1061051_logo.png ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 1DF5	3 KB 3 KB	474ms 77ms	Image image/png	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=w44Fn6v0uOPZYo6KrO8cIu2UfUculjbFCuzFmNhAexZhTnr9dpZVNS4OrYjR5iEFSwchF9V8ZrPXHHGVoQ6ac6rtzT7_23_sWpdVht5duiWVbouSC6MyttNIXh-YGQYznvk_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Mon, 06 Mar 2023 17:40:00 GMT etag "ab8-5f63ec8c03c00" access-control-allow-methods GET,HEAD,OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=10647197 x-cdn-diag fra1-11014-3-12175-h-0-0---;11014-20-6179----0-0-2 accept-ranges bytes content-length 2744 expires Sat, 09 Sep 2023 03:34:58 GMT
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 1DF5	16 KB 17 KB	16ms 16ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=w44Fn6v0uOPZYo6KrO8cIu2UfUculjbFCuzFmNhAexZhTnr9dpZVNS4OrYjR5iEFSwchF9V8ZrPXHHGVoQ6ac6rtzT7_23_sWpdVht5duiWVbouSC6MyttNIXh-YGQYznvk_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop202.am5.t,1685643195.cds286.am5.shn,1685643195.dop202.am5.t,1685643195.cds277.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10434140 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame C67F	8 KB 3 KB	26ms 24ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjd9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874348 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 2802	8 KB 3 KB	25ms 23ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMzF9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874348 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	10010242 Show response a.adtng.com/get/ Frame 47D3	21 KB 9 KB	19ms 17ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=Sy3nnw3A5XI_JHvopYW8lRZshtS4uGUU_KEOgI548S02m0d9GxPyKJan3rqJV6K4Oe1aznk5YLUrEO95nu3UjvMgxwOVTusbuJh6WQG4dL4xHI9J9kKVpcbpz0_om6AOSg_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash e3dd901eee0f23a12f94f5d5a033792014b6d3544666c85e8a0a1b6f8a47076b Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT server openresty
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 129C	8 KB 3 KB	24ms 22ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjh9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874348 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 4CFA	8 KB 3 KB	22ms 21ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzEsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzEsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxOTU2NTczNzk0IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MSIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MSIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjl9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874348 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	main.a2f20435696a25382b5f.css creative.xliirdr.com/widgets/v4/Universal/ Frame 6EC4	13 KB 4 KB	23ms 22ms	Stylesheet text/css	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.css Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=s20LqIzqQG6ofV8TJU1idjnLOlsbWexLnCblzruBfaQ7ZJxmuA1UzNCylA0-yWjX4wkERPaCTDbyqR-IVp_NBCWHQM8frJIdGCRMc3EVd87alN4_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4d09f6a50b6d96e7f22ab12f406dcf44be0d815105018cc5c7f1105fbf597f7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=s20LqIzqQG6ofV8TJU1idjnLOlsbWexLnCblzruBfaQ7ZJxmuA1UzNCylA0-yWjX4wkERPaCTDbyqR-IVp_NBCWHQM8frJIdGCRMc3EVd87alN4_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:42:01 GMT server cloudflare age 2 etag W/"64748f89-3454" vary Accept-Encoding content-type text/css cache-control max-age=10 cf-ray 7d096df15af20c85-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:23 GMT
GET H2	200	main.a2f20435696a25382b5f.js Show response creative.xliirdr.com/widgets/v4/Universal/ Frame 6EC4	269 KB 77 KB	30ms 29ms	Script application/javascript	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=s20LqIzqQG6ofV8TJU1idjnLOlsbWexLnCblzruBfaQ7ZJxmuA1UzNCylA0-yWjX4wkERPaCTDbyqR-IVp_NBCWHQM8frJIdGCRMc3EVd87alN4_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e97e86bc57e6bc633f0aa540e545d11070b24aafc766fa34fbbe823c745d8d5a Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=s20LqIzqQG6ofV8TJU1idjnLOlsbWexLnCblzruBfaQ7ZJxmuA1UzNCylA0-yWjX4wkERPaCTDbyqR-IVp_NBCWHQM8frJIdGCRMc3EVd87alN4_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:42:01 GMT server cloudflare age 3 etag W/"64748f89-43561" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=10 cf-ray 7d096df15af40c85-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:22 GMT
GET H2	200	main.a2f20435696a25382b5f.css creative.xliirdr.com/widgets/v4/Universal/ Frame A63A	13 KB 4 KB	41ms 41ms	Stylesheet text/css	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.css Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=ZUkKZInXjjNDMUV1mR6tMy5ZWIdwAmwaA6eAq3g9CZ2limgvqezPoPxv79gB9WMc1KBICNrcA_3S-6dPa7dfolwvczaDwrKOVT8Le_P4pb-vWgI_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4d09f6a50b6d96e7f22ab12f406dcf44be0d815105018cc5c7f1105fbf597f7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=ZUkKZInXjjNDMUV1mR6tMy5ZWIdwAmwaA6eAq3g9CZ2limgvqezPoPxv79gB9WMc1KBICNrcA_3S-6dPa7dfolwvczaDwrKOVT8Le_P4pb-vWgI_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:42:01 GMT server cloudflare age 2 etag W/"64748f89-3454" vary Accept-Encoding content-type text/css cache-control max-age=10 cf-ray 7d096df15afa0c85-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:23 GMT
GET H2	200	main.a2f20435696a25382b5f.js Show response creative.xliirdr.com/widgets/v4/Universal/ Frame A63A	269 KB 77 KB	41ms 41ms	Script application/javascript	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=ZUkKZInXjjNDMUV1mR6tMy5ZWIdwAmwaA6eAq3g9CZ2limgvqezPoPxv79gB9WMc1KBICNrcA_3S-6dPa7dfolwvczaDwrKOVT8Le_P4pb-vWgI_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e97e86bc57e6bc633f0aa540e545d11070b24aafc766fa34fbbe823c745d8d5a Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=ZUkKZInXjjNDMUV1mR6tMy5ZWIdwAmwaA6eAq3g9CZ2limgvqezPoPxv79gB9WMc1KBICNrcA_3S-6dPa7dfolwvczaDwrKOVT8Le_P4pb-vWgI_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:42:01 GMT server cloudflare age 3 etag W/"64748f89-43561" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=10 cf-ray 7d096df15afb0c85-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:22 GMT
GET H2	200	main.a2f20435696a25382b5f.css creative.xliirdr.com/widgets/v4/Universal/ Frame E80A	13 KB 4 KB	39ms 39ms	Stylesheet text/css	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.css Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=t3FzPe0hrRg2ydIxJrLSjiT_uxwRAdrYr_FAjQ4pYOuywOc_qGrF-8bUAA-DGxyWIcqbCnQRYQZQTkOBqUejHBWalriozdeK2WR3VLM5KiZLmIk_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4d09f6a50b6d96e7f22ab12f406dcf44be0d815105018cc5c7f1105fbf597f7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=t3FzPe0hrRg2ydIxJrLSjiT_uxwRAdrYr_FAjQ4pYOuywOc_qGrF-8bUAA-DGxyWIcqbCnQRYQZQTkOBqUejHBWalriozdeK2WR3VLM5KiZLmIk_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:42:01 GMT server cloudflare age 2 etag W/"64748f89-3454" vary Accept-Encoding content-type text/css cache-control max-age=10 cf-ray 7d096df16afd0c85-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:23 GMT
GET H2	200	main.a2f20435696a25382b5f.js Show response creative.xliirdr.com/widgets/v4/Universal/ Frame E80A	269 KB 77 KB	40ms 39ms	Script application/javascript	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=t3FzPe0hrRg2ydIxJrLSjiT_uxwRAdrYr_FAjQ4pYOuywOc_qGrF-8bUAA-DGxyWIcqbCnQRYQZQTkOBqUejHBWalriozdeK2WR3VLM5KiZLmIk_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e97e86bc57e6bc633f0aa540e545d11070b24aafc766fa34fbbe823c745d8d5a Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=t3FzPe0hrRg2ydIxJrLSjiT_uxwRAdrYr_FAjQ4pYOuywOc_qGrF-8bUAA-DGxyWIcqbCnQRYQZQTkOBqUejHBWalriozdeK2WR3VLM5KiZLmIk_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:42:01 GMT server cloudflare age 3 etag W/"64748f89-43561" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=10 cf-ray 7d096df16afe0c85-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:22 GMT
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 04B1	8 KB 3 KB	22ms 21ms	Script application/javascript	8.248.115.247 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: rtbbnr.com URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgwNzMsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgwNzMsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMTM0MDQxNDk2IiwidXRtMSI6InRjYmFuX3MiLCJ1dG0yIjoiODA3MyIsInV0bTMiOiIyMTk0MyIsInV0bTQiOiIifSwiYmFubmVyIjp7InciOjMwMCwiaCI6MTAwfX1dLCJzaXRlIjp7ImlkIjoiODA3MyIsInBhZ2UiOiJodHRwczovL3RyYW5zLmZpcm0uaW4vaW1nLTY0MDM1NGUxZGJjMGMuaHRtbCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YTkxYzFlM2ExMWQ0MjU1NWUyNTlkMWRiZDVkZGI0YyJ9LCJleHQiOnsiZHQiOjE2ODU2NDMxOTQwMjJ9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.248.115.247 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 366a43d17427ef39a1150a22a17da77a8d4c0f1edf4a34c086f31025359e0fc9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 12:50:59 GMT server nginx age 14874348 etag W/"637e1733-1f37" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2884
GET H2	200	vortex-simple-1.0.0.js Show response ht-cdn2.adtng.com/delivery/vortex/ Frame 5E96	5 KB 5 KB	393ms 51ms	Script application/javascript	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=5ZlefOKyz92A_i3Xesg19VS_Ty_0zx_VMvsfvs6xEtUPzPhqltcvTiVrgDadUIFWLZg4UzYU6dflItnuh1sQ2H_Kkjk2RxKnHTr3xPg9gXmJdih0h4JQORAjNmFmtyBaHw_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Fri, 02 Nov 2018 14:17:11 GMT etag "13a3-579af30f7688b" vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=10658409 x-cdn-diag fra1-11014-2-12121-h-0-0---;11014-20-6179----0-1-0 accept-ranges bytes content-length 5027 expires Sun, 10 Sep 2023 06:35:10 GMT
GET H/1.1	200 OK	1061051_logo.png hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 5E96	3 KB 3 KB	19ms 19ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=5ZlefOKyz92A_i3Xesg19VS_Ty_0zx_VMvsfvs6xEtUPzPhqltcvTiVrgDadUIFWLZg4UzYU6dflItnuh1sQ2H_Kkjk2RxKnHTr3xPg9gXmJdih0h4JQORAjNmFmtyBaHw_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:40:00 GMT ETag "1678124400" X-HW 1685643195.dop206.am5.t,1685643195.cds130.am5.shn,1685643195.dop206.am5.t,1685643195.cds149.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10797898 Connection Keep-Alive Accept-Ranges bytes Content-Length 2744
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 5E96	16 KB 17 KB	15ms 15ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=5ZlefOKyz92A_i3Xesg19VS_Ty_0zx_VMvsfvs6xEtUPzPhqltcvTiVrgDadUIFWLZg4UzYU6dflItnuh1sQ2H_Kkjk2RxKnHTr3xPg9gXmJdih0h4JQORAjNmFmtyBaHw_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop230.am5.t,1685643195.cds324.am5.shn,1685643195.dop230.am5.t,1685643195.cds143.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10662892 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	10010242 Show response a.adtng.com/get/ Frame A098	21 KB 9 KB	17ms 17ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=rd-BYNJku3kRGD27VlTiu_PaF0F0FMYVIvfcg8eGKtGnG6kgJfXp51C7zakwi0CpOpRmEZXNAL_maQQGRAGgL8aRY-5CpB1yT6l0eiSVdTUV0SJiyv4e5kKvpBWwqe4qzw_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash 243e6762183ef97a29775d4b6b5b1a33592bede14fb1cdfc0dfd9e3b9732318e Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT server openresty
GET H2	200	10010242 Show response a.adtng.com/get/ Frame 48B8	21 KB 9 KB	23ms 23ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=G0IBc_f19U7VPY7BNfGdNBr2tq9NHsCQLZyrwMkqmDMLZnhZCDoxhsBVv7nxIDbUGSuLsLMdRFjEFGeFuMFdPEmBqL8CbNHqlW7NF12OdR3SJejWu3-ALdWpNxEbzD-lCMg_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=657216569&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash e4f25b3de767d677de1c1406b70a0ec02cbc5b2a3e1809198b091eb604710cba Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT server openresty
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame 47D3	5 KB 5 KB	15ms 14ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=Sy3nnw3A5XI_JHvopYW8lRZshtS4uGUU_KEOgI548S02m0d9GxPyKJan3rqJV6K4Oe1aznk5YLUrEO95nu3UjvMgxwOVTusbuJh6WQG4dL4xHI9J9kKVpcbpz0_om6AOSg_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1685643195.dop122.am5.t,1685643195.cds130.am5.shn,1685643195.dop122.am5.t,1685643195.cds149.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10752814 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H/1.1	200 OK	1060063_logo.png hw-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/ Frame 47D3	3 KB 3 KB	15ms 15ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/1060063_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=Sy3nnw3A5XI_JHvopYW8lRZshtS4uGUU_KEOgI548S02m0d9GxPyKJan3rqJV6K4Oe1aznk5YLUrEO95nu3UjvMgxwOVTusbuJh6WQG4dL4xHI9J9kKVpcbpz0_om6AOSg_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 17 Feb 2023 16:58:00 GMT ETag "1676653080" X-HW 1685643195.dop202.am5.t,1685643195.cds286.am5.shn,1685643195.dop202.am5.t,1685643195.cds300.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10405377 Connection Keep-Alive Accept-Ranges bytes Content-Length 2744
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 47D3	16 KB 17 KB	16ms 15ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=Sy3nnw3A5XI_JHvopYW8lRZshtS4uGUU_KEOgI548S02m0d9GxPyKJan3rqJV6K4Oe1aznk5YLUrEO95nu3UjvMgxwOVTusbuJh6WQG4dL4xHI9J9kKVpcbpz0_om6AOSg_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop254.am5.t,1685643195.cds235.am5.shn,1685643195.dop254.am5.t,1685643195.cds143.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10662892 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	10010242 Show response a.adtng.com/get/ Frame 3349	21 KB 9 KB	18ms 16ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=CKTf1AdkbXshuKpKUYSCjGXIGN3K2Y9adB8Njfpg3KWM7dDoSvloADGk_OQMYL1jNbBZqRBkRrrPK9PextR4A0XacEJMQ6D-LdoPFKNF7DCjW2uoUjifzawUo2RBw2PXSA_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash 6e959372f346aa3e3a4b567a0b2f9841c3dfe53efab98b95ae0005ab941f6bf2 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT server openresty
GET H2	200	10010242 Show response a.adtng.com/get/ Frame BBE5	21 KB 9 KB	19ms 18ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=fRVNNqaPZYC12KAocKdAGCQyNxliYWcoNZjdgh56FL_-skG56Da-grPJyGledp2XGNA5wodIsgAVdv98hjq1XLz2Wv3JxiLoEWENvO7sNJApFVf0QPyyVRuLAB5Pg1N-W8k_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash a9fd79e1f506bc9163fcc3f3bb02fbfa6979927f862989a900766b71e07170cb Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT server openresty
GET H2	200	vortex-simple-1.0.0.js Show response ht-cdn2.adtng.com/delivery/vortex/ Frame A098	5 KB 5 KB	281ms 52ms	Script application/javascript	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=rd-BYNJku3kRGD27VlTiu_PaF0F0FMYVIvfcg8eGKtGnG6kgJfXp51C7zakwi0CpOpRmEZXNAL_maQQGRAGgL8aRY-5CpB1yT6l0eiSVdTUV0SJiyv4e5kKvpBWwqe4qzw_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Fri, 02 Nov 2018 14:17:11 GMT etag "13a3-579af30f7688b" vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=10658409 x-cdn-diag fra1-11014-2-12121-h-0-0---;11014-20-6179----0-1-0 accept-ranges bytes content-length 5027 expires Sun, 10 Sep 2023 06:35:10 GMT
GET H2	200	1061051_logo.png ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame A098	3 KB 3 KB	306ms 77ms	Image image/png	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=rd-BYNJku3kRGD27VlTiu_PaF0F0FMYVIvfcg8eGKtGnG6kgJfXp51C7zakwi0CpOpRmEZXNAL_maQQGRAGgL8aRY-5CpB1yT6l0eiSVdTUV0SJiyv4e5kKvpBWwqe4qzw_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Mon, 06 Mar 2023 17:40:00 GMT etag "ab8-5f63ec8c03c00" access-control-allow-methods GET,HEAD,OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=10647197 x-cdn-diag fra1-11014-3-12185-h-0-0---;11014-20-6179----0-0-2 accept-ranges bytes content-length 2744 expires Sat, 09 Sep 2023 03:34:58 GMT
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame A098	16 KB 17 KB	16ms 16ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=rd-BYNJku3kRGD27VlTiu_PaF0F0FMYVIvfcg8eGKtGnG6kgJfXp51C7zakwi0CpOpRmEZXNAL_maQQGRAGgL8aRY-5CpB1yT6l0eiSVdTUV0SJiyv4e5kKvpBWwqe4qzw_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop254.am5.t,1685643195.cds235.am5.shn,1685643195.dop254.am5.t,1685643195.cds223.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10534876 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	10010242 Show response a.adtng.com/get/ Frame 37A3	21 KB 9 KB	18ms 18ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=CubwBskhrcN3x7oVgTeDfRlMgw-j-9Qomwo-qaTMUN2u5-LYcK7QdmuIP5RnLQpYSGQ5upqhBR1XfPL47JbAXnki51xpC1arh4f8uDJiM6urd4yeDyS5F4A0hwg--nY4XQ_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash d152febf0c81844983c4d48795669d1ade725e5241b8aab592b8290cd644ce8c Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT server openresty
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame 48B8	5 KB 5 KB	17ms 16ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=G0IBc_f19U7VPY7BNfGdNBr2tq9NHsCQLZyrwMkqmDMLZnhZCDoxhsBVv7nxIDbUGSuLsLMdRFjEFGeFuMFdPEmBqL8CbNHqlW7NF12OdR3SJejWu3-ALdWpNxEbzD-lCMg_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1685643195.dop004.am5.t,1685643195.cds201.am5.shn,1685643195.cds201.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10373576 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H/1.1	200 OK	1061051_logo.png hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 48B8	3 KB 3 KB	17ms 17ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=G0IBc_f19U7VPY7BNfGdNBr2tq9NHsCQLZyrwMkqmDMLZnhZCDoxhsBVv7nxIDbUGSuLsLMdRFjEFGeFuMFdPEmBqL8CbNHqlW7NF12OdR3SJejWu3-ALdWpNxEbzD-lCMg_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:40:00 GMT ETag "1678124400" X-HW 1685643195.dop202.am5.t,1685643195.cds286.am5.shn,1685643195.dop202.am5.t,1685643195.cds149.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10797898 Connection Keep-Alive Accept-Ranges bytes Content-Length 2744
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 48B8	16 KB 17 KB	25ms 22ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=G0IBc_f19U7VPY7BNfGdNBr2tq9NHsCQLZyrwMkqmDMLZnhZCDoxhsBVv7nxIDbUGSuLsLMdRFjEFGeFuMFdPEmBqL8CbNHqlW7NF12OdR3SJejWu3-ALdWpNxEbzD-lCMg_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop230.am5.t,1685643195.cds324.am5.shn,1685643195.dop230.am5.t,1685643195.cds277.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10434140 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H3	200	Universal Show response creative.xliirdr.com/widgets/v4/ Frame FA79 Redirect Chain https://go.xlivrdr.com/smartpop/128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344?userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&sourceId=271333&memberId=oDb... https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpo...	852 B 630 B	27ms 27ms	Document text/html	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=oDboijKFWwRnjWttK82e7bunA-R-cFZsJsZyzjLgRFv7Cj-9vdovSzXRG_x70n1SknaFIY20kQ1nWtBvsS_EXouQ22dkKhxd7u-w6vOIWsb7EIE_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1983450489&categories={{ad_tags}} Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fb0d10e2604f73659fdddd9774473f938b9aa6cc9f478eed9cb2dc2a5c138c7 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 2 alt-svc h3=":443"; ma=86400 cache-control max-age=10 cf-cache-status HIT cf-ray 7d096df28a140c2d-AMS content-encoding br content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT expires Thu, 01 Jun 2023 18:13:23 GMT last-modified Mon, 29 May 2023 11:40:40 GMT pragma public report-to { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 } server cloudflare strict-transport-security max-age=15768000 vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, x-requested-with alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d096df2483d0bc1-AMS content-length 0 date Thu, 01 Jun 2023 18:13:15 GMT location https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=oDboijKFWwRnjWttK82e7bunA-R-cFZsJsZyzjLgRFv7Cj-9vdovSzXRG_x70n1SknaFIY20kQ1nWtBvsS_EXouQ22dkKhxd7u-w6vOIWsb7EIE_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 server cloudflare
GET H2	200	vortex-simple-1.0.0.js Show response ht-cdn2.adtng.com/delivery/vortex/ Frame 3349	5 KB 5 KB	265ms 55ms	Script application/javascript	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=CKTf1AdkbXshuKpKUYSCjGXIGN3K2Y9adB8Njfpg3KWM7dDoSvloADGk_OQMYL1jNbBZqRBkRrrPK9PextR4A0XacEJMQ6D-LdoPFKNF7DCjW2uoUjifzawUo2RBw2PXSA_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Fri, 02 Nov 2018 14:17:11 GMT etag "13a3-579af30f7688b" vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=10658409 x-cdn-diag fra1-11014-2-12119-h-0-0---;11014-20-6179----0-1-0 accept-ranges bytes content-length 5027 expires Sun, 10 Sep 2023 06:35:10 GMT
GET H/1.1	200 OK	1060063_logo.png hw-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/ Frame 3349	3 KB 3 KB	17ms 16ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/1060063_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=CKTf1AdkbXshuKpKUYSCjGXIGN3K2Y9adB8Njfpg3KWM7dDoSvloADGk_OQMYL1jNbBZqRBkRrrPK9PextR4A0XacEJMQ6D-LdoPFKNF7DCjW2uoUjifzawUo2RBw2PXSA_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 17 Feb 2023 16:58:00 GMT ETag "1676653080" X-HW 1685643195.dop122.am5.t,1685643195.cds130.am5.shn,1685643195.dop122.am5.t,1685643195.cds300.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10405377 Connection Keep-Alive Accept-Ranges bytes Content-Length 2744
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 3349	16 KB 17 KB	24ms 21ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=CKTf1AdkbXshuKpKUYSCjGXIGN3K2Y9adB8Njfpg3KWM7dDoSvloADGk_OQMYL1jNbBZqRBkRrrPK9PextR4A0XacEJMQ6D-LdoPFKNF7DCjW2uoUjifzawUo2RBw2PXSA_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop202.am5.t,1685643195.cds286.am5.shn,1685643195.dop202.am5.t,1685643195.cds277.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10434140 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	vortex-simple-1.0.0.js Show response ht-cdn2.adtng.com/delivery/vortex/ Frame BBE5	5 KB 5 KB	277ms 70ms	Script application/javascript	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=fRVNNqaPZYC12KAocKdAGCQyNxliYWcoNZjdgh56FL_-skG56Da-grPJyGledp2XGNA5wodIsgAVdv98hjq1XLz2Wv3JxiLoEWENvO7sNJApFVf0QPyyVRuLAB5Pg1N-W8k_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Fri, 02 Nov 2018 14:17:11 GMT etag "13a3-579af30f7688b" vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=10658409 x-cdn-diag fra1-11014-2-12118-h-0-0---;11014-20-6179----0-0-2 accept-ranges bytes content-length 5027 expires Sun, 10 Sep 2023 06:35:10 GMT
GET H/1.1	200 OK	1061051_logo.png hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame BBE5	3 KB 3 KB	17ms 17ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=fRVNNqaPZYC12KAocKdAGCQyNxliYWcoNZjdgh56FL_-skG56Da-grPJyGledp2XGNA5wodIsgAVdv98hjq1XLz2Wv3JxiLoEWENvO7sNJApFVf0QPyyVRuLAB5Pg1N-W8k_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:40:00 GMT ETag "1678124400" X-HW 1685643195.dop230.am5.t,1685643195.cds324.am5.shn,1685643195.dop230.am5.t,1685643195.cds149.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10797898 Connection Keep-Alive Accept-Ranges bytes Content-Length 2744
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame BBE5	16 KB 17 KB	20ms 20ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=fRVNNqaPZYC12KAocKdAGCQyNxliYWcoNZjdgh56FL_-skG56Da-grPJyGledp2XGNA5wodIsgAVdv98hjq1XLz2Wv3JxiLoEWENvO7sNJApFVf0QPyyVRuLAB5Pg1N-W8k_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop254.am5.t,1685643195.cds235.am5.shn,1685643195.dop254.am5.t,1685643195.cds143.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10662892 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	10010242 Show response a.adtng.com/get/ Frame DDA8	21 KB 9 KB	20ms 19ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=1MMU9hL_N3YscQiFLTdoqGqZoJXiYt0nyXPsEhtFZz2tqAWX0Wb4_lDNWYscDjLIewvrknqu8cP2pk9Kb2qT5XZJ7WbGid8Gox3JQ4KIl5LyyF7ItgwZkgY3N7wT_akBdMo_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash ed997bdd42ad1eea4f095ab05a5afa913e18d797ebe21081dd43fda26bfca9e2 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT server openresty
GET H2	200	10010242 Show response a.adtng.com/get/ Frame 994E	21 KB 9 KB	21ms 20ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=i4WoWM8RUySpf8RfswBITAVu_G6GGBhKGqzsRlStc44VfTlncb1OOr4aZu2NruxcRB_uKmaY7OFVqyY5Q0aYScHOeUAVtqvh0jh9780Ie5CtRkA6vJgjI8k9hq7PKbSSFTY_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash 11e9020f86af7c1c4d69cdaa44dcda8c0716c98a7a8b28bddcb6b43b15e496ed Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT server openresty
GET H2	200	10010242 Show response a.adtng.com/get/ Frame A093	21 KB 9 KB	21ms 21ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=zUmwNq9sxJeUwZa5P60HgCna_z76zO4_ufevElPp-8Fy-cmx1QnqZBV4C0eWRz-SOgMRacIeJ5ngRBGj8h0hhnMjHLQaP9tYSDxOz-IyBufJ4emI7tkeAh2jN-hq3-8MfQ_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash d8152f76ad2eff5725eb13248c751ebbd52ff88d5b4a3a90c7b04671e6970702 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT server openresty
GET H3	200	en.json Show response creative.xliirdr.com/widgets/v4/Universal/lang/ Frame 6EC4	172 B 341 B	23ms 22ms	Fetch application/json	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/lang/en.json Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=s20LqIzqQG6ofV8TJU1idjnLOlsbWexLnCblzruBfaQ7ZJxmuA1UzNCylA0-yWjX4wkERPaCTDbyqR-IVp_NBCWHQM8frJIdGCRMc3EVd87alN4_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:40:40 GMT server cloudflare age 4 etag W/"64748f38-ac" vary Accept-Encoding content-type application/json cache-control max-age=10 cf-ray 7d096df29a1b0c2d-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:18 GMT
GET H2	200	config Show response go.xliirdr.com/ Frame 6EC4	6 KB 2 KB	86ms 39ms	Fetch application/json	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.xliirdr.com/config?url=https%3A%2F%2Fcreative.xliirdr.com%2Fwidgets%2Fv4%2FUniversal%3FactionButtonPlacement%3Dbottom%26buttonColor%3D%2523930606%26campaignId%3D128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344%26campaignType%3Dsmartpop%26creativeId%3D2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26iterationId%3D30231%26liveBadgeColor%3D%2523ff0707%26masterSmartpopId%3D0%26memberId%3Ds20LqIzqQG6ofV8TJU1idjnLOlsbWexLnCblzruBfaQ7ZJxmuA1UzNCylA0-yWjX4wkERPaCTDbyqR-IVp_NBCWHQM8frJIdGCRMc3EVd87alN4_gUIDRUi%26p1%3D3761372%26ruleId%3D0%26showButton%3D1%26showModelName%3D1%26showTitle%3D%26smartpopId%3D1548%26sourceId%3D271333%26thumbSizeKey%3Dbig%26trackOff%3D1%26userId%3Ded4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e%26variationId%3D22460 Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5268e21219e077df5bbd8f85e5b205dc89e5cebd45da898e2a6d6842e320802 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status MISS last-modified Thu, 01 Jun 2023 18:13:15 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * cf-ray 7d096df2d8ce0b40-AMS alt-svc h3=":443"; ma=86400
GET H2	200	adsbygoogle.js Show response video.ktkjmp.com/ Frame 6EC4	16 B 667 B	66ms 22ms	Fetch application/javascript	2606:4700:3110::6812:3015 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.ktkjmp.com/adsbygoogle.js Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:3015 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT x-amz-version-id eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG cf-cache-status HIT x-amz-request-id G1890SVVQRD857Z0 age 861 alt-svc h3=":443"; ma=86400 content-length 16 x-amz-id-2 82LrMcdTIgiiUrI9u3lX3tFHaCLr3ymHKLkEwNLyokkeYiwFlIM4yC4yCFQnnUQuIMhDhYz/PaY= last-modified Thu, 10 Mar 2022 13:52:07 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar etag "3d7f7a60216d40dea48e495fef6903c9" vary Accept-Encoding content-type application/javascript access-control-allow-origin https://creative.xliirdr.com cache-control public, max-age=7200 access-control-allow-credentials true accept-ranges bytes cf-ray 7d096df2df73289d-AMS access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, x-requested-with expires Thu, 01 Jun 2023 20:13:15 GMT
GET H2	200	10010242 Show response a.adtng.com/get/ Frame 243E	21 KB 9 KB	32ms 32ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=4jXawqrYemlDUxhHpjnajc9ykPMIhfpvall1f-O6e2P6f4LneCPQXlYq6GjjPTjAlipZgrKCPWMAHPiCTqpOy8FO__3Wh0dWGAffWg0aSb2Qw_38ikQRb8PGjL53qzB1IQ_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash e852b5f3db7991d548819beaf12e93afcb6a1a308d391e3daf564bee0989e2db Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT server openresty
GET H2	200	10010242 Show response a.adtng.com/get/ Frame 9E1C	21 KB 9 KB	20ms 20ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=lAM5OzYA78HcOeSC6bc5f8tjDIvIttB8zjmmlFQsc4WEmNF4FsxLcbr4_T6kuiq3FwYIz3oDHVbv0YoUf95ywLMIx0-SXtWQ8-KySk1UE7Q3ewdLQiNlt58j6VmJ0He586I_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash 284939c10cc92fb406249fa5eaa71535032b4b8594ed54d1ae6739ab56f7a0d5 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT server openresty
GET H2	200	10010242 Show response a.adtng.com/get/ Frame B015	21 KB 9 KB	21ms 21ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=dLNSqTLLw_0kjQjbps7rYby3UhEiHMaZeHP_IEITYgrjvKyxQsPDgliVAGAXx-LXty2-0hf-_WKULYmAstyCE6In9SMbbwmoJYK2TW4BEH5nyysBBE3lUtP_ste9UhrI7A_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash 90c1bb4f3042e9213a5259dae4a24c15c413c9d48504b97136127d7279dafa3d Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT server openresty
GET H2	200	10010242 Show response a.adtng.com/get/ Frame DE14	21 KB 9 KB	17ms 17ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=9dhQeT0Y5soIH4P8qsAbM0QODa5UvpZ4cdmdO4APbV2PIULMVIn9idh36fOfKtfC79UQXsGrOOC5PtVGtaj3dd24RQxnHg3ypDlZ7vKwc_3nuSK0KdHU0B-yRuP3t_DJRRw_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash 86e66fb306546bb91021a791f843354fed3840f399648b8c266c7ee2efb26825 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT server openresty
GET H3	200	en.json Show response creative.xliirdr.com/widgets/v4/Universal/lang/ Frame A63A	172 B 305 B	25ms 24ms	Fetch application/json	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/lang/en.json Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=ZUkKZInXjjNDMUV1mR6tMy5ZWIdwAmwaA6eAq3g9CZ2limgvqezPoPxv79gB9WMc1KBICNrcA_3S-6dPa7dfolwvczaDwrKOVT8Le_P4pb-vWgI_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:40:40 GMT server cloudflare age 4 etag W/"64748f38-ac" vary Accept-Encoding content-type application/json cache-control max-age=10 cf-ray 7d096df2da450c2d-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:18 GMT
GET H2	200	config Show response go.xliirdr.com/ Frame A63A	6 KB 2 KB	51ms 45ms	Fetch application/json	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.xliirdr.com/config?url=https%3A%2F%2Fcreative.xliirdr.com%2Fwidgets%2Fv4%2FUniversal%3FactionButtonPlacement%3Dbottom%26buttonColor%3D%2523930606%26campaignId%3D128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344%26campaignType%3Dsmartpop%26creativeId%3D2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26iterationId%3D30231%26liveBadgeColor%3D%2523ff0707%26masterSmartpopId%3D0%26memberId%3DZUkKZInXjjNDMUV1mR6tMy5ZWIdwAmwaA6eAq3g9CZ2limgvqezPoPxv79gB9WMc1KBICNrcA_3S-6dPa7dfolwvczaDwrKOVT8Le_P4pb-vWgI_gUIDRUi%26p1%3D3761372%26ruleId%3D0%26showButton%3D1%26showModelName%3D1%26showTitle%3D%26smartpopId%3D1548%26sourceId%3D271333%26thumbSizeKey%3Dbig%26trackOff%3D1%26userId%3Ded4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e%26variationId%3D22460 Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d958ac0cfbc2dff4dd16f1b853925c430fe2d8e5549199e04a0b920c2454576a Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status MISS last-modified Thu, 01 Jun 2023 18:13:15 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * cf-ray 7d096df2d8d20b40-AMS alt-svc h3=":443"; ma=86400
GET H2	200	adsbygoogle.js Show response video.ktkjmp.com/ Frame A63A	16 B 82 B	29ms 28ms	Fetch application/javascript	2606:4700:3110::6812:3015 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.ktkjmp.com/adsbygoogle.js Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:3015 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT x-amz-version-id eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG cf-cache-status HIT x-amz-request-id G1890SVVQRD857Z0 age 861 alt-svc h3=":443"; ma=86400 content-length 16 x-amz-id-2 82LrMcdTIgiiUrI9u3lX3tFHaCLr3ymHKLkEwNLyokkeYiwFlIM4yC4yCFQnnUQuIMhDhYz/PaY= last-modified Thu, 10 Mar 2022 13:52:07 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar etag "3d7f7a60216d40dea48e495fef6903c9" vary Accept-Encoding content-type application/javascript access-control-allow-origin https://creative.xliirdr.com cache-control public, max-age=7200 access-control-allow-credentials true accept-ranges bytes cf-ray 7d096df2df76289d-AMS access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, x-requested-with expires Thu, 01 Jun 2023 20:13:15 GMT
GET H3	200	en.json Show response creative.xliirdr.com/widgets/v4/Universal/lang/ Frame E80A	172 B 305 B	37ms 36ms	Fetch application/json	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/lang/en.json Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=t3FzPe0hrRg2ydIxJrLSjiT_uxwRAdrYr_FAjQ4pYOuywOc_qGrF-8bUAA-DGxyWIcqbCnQRYQZQTkOBqUejHBWalriozdeK2WR3VLM5KiZLmIk_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:40:40 GMT server cloudflare age 4 etag W/"64748f38-ac" vary Accept-Encoding content-type application/json cache-control max-age=10 cf-ray 7d096df2ea4d0c2d-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:18 GMT
GET H2	200	config Show response go.xliirdr.com/ Frame E80A	6 KB 2 KB	38ms 37ms	Fetch application/json	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.xliirdr.com/config?url=https%3A%2F%2Fcreative.xliirdr.com%2Fwidgets%2Fv4%2FUniversal%3FactionButtonPlacement%3Dbottom%26buttonColor%3D%2523930606%26campaignId%3D128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344%26campaignType%3Dsmartpop%26creativeId%3D2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26iterationId%3D30231%26liveBadgeColor%3D%2523ff0707%26masterSmartpopId%3D0%26memberId%3Dt3FzPe0hrRg2ydIxJrLSjiT_uxwRAdrYr_FAjQ4pYOuywOc_qGrF-8bUAA-DGxyWIcqbCnQRYQZQTkOBqUejHBWalriozdeK2WR3VLM5KiZLmIk_gUIDRUi%26p1%3D3761372%26ruleId%3D0%26showButton%3D1%26showModelName%3D1%26showTitle%3D%26smartpopId%3D1548%26sourceId%3D271333%26thumbSizeKey%3Dbig%26trackOff%3D1%26userId%3Ded4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e%26variationId%3D22460 Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eae21bea26853f3d684b55214264f2717f11951d23026ef3bab2620e0153087b Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status MISS last-modified Thu, 01 Jun 2023 18:13:15 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * cf-ray 7d096df2e8df0b40-AMS alt-svc h3=":443"; ma=86400
GET H2	200	adsbygoogle.js Show response video.ktkjmp.com/ Frame E80A	16 B 82 B	21ms 21ms	Fetch application/javascript	2606:4700:3110::6812:3015 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.ktkjmp.com/adsbygoogle.js Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:3015 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT x-amz-version-id eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG cf-cache-status HIT x-amz-request-id G1890SVVQRD857Z0 age 861 alt-svc h3=":443"; ma=86400 content-length 16 x-amz-id-2 82LrMcdTIgiiUrI9u3lX3tFHaCLr3ymHKLkEwNLyokkeYiwFlIM4yC4yCFQnnUQuIMhDhYz/PaY= last-modified Thu, 10 Mar 2022 13:52:07 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar etag "3d7f7a60216d40dea48e495fef6903c9" vary Accept-Encoding content-type application/javascript access-control-allow-origin https://creative.xliirdr.com cache-control public, max-age=7200 access-control-allow-credentials true accept-ranges bytes cf-ray 7d096df2ef94289d-AMS access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, x-requested-with expires Thu, 01 Jun 2023 20:13:15 GMT
GET H2	206	1061051_video.mp4 ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 34DF	394 KB 394 KB	161ms 56ms	Media video/mp4	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=15Zr4xhPIacNIXx03EG0x9mcqBpEGzZEgG3gsKBlXxDPH2_rRtWoZm_-tZ9FXUweoE3oiODlYleXt6-xsAAgbUhBf2H4tIRxWBPA6JbGVDfMh2QZTB2yLd91xNVTIR7jIh8_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Mon, 06 Mar 2023 17:41:55 GMT etag "626c6-5f63ecf9afec0" access-control-allow-methods GET,HEAD,OPTIONS content-type video/mp4 access-control-allow-origin * Content-Range bytes 0-403141/403142 cache-control max-age=10403878 x-cdn-diag fra1-11014-2-12118-h-0-0---;11014-20-6179----0-0-2 Content-Length 403142 expires Thu, 07 Sep 2023 07:53:03 GMT
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame 37A3	5 KB 5 KB	22ms 20ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=CubwBskhrcN3x7oVgTeDfRlMgw-j-9Qomwo-qaTMUN2u5-LYcK7QdmuIP5RnLQpYSGQ5upqhBR1XfPL47JbAXnki51xpC1arh4f8uDJiM6urd4yeDyS5F4A0hwg--nY4XQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1685643195.dop122.am5.t,1685643195.cds130.am5.shn,1685643195.dop122.am5.t,1685643195.cds300.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10639102 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H2	200	1061051_logo.png ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 37A3	3 KB 3 KB	176ms 76ms	Image image/png	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=CubwBskhrcN3x7oVgTeDfRlMgw-j-9Qomwo-qaTMUN2u5-LYcK7QdmuIP5RnLQpYSGQ5upqhBR1XfPL47JbAXnki51xpC1arh4f8uDJiM6urd4yeDyS5F4A0hwg--nY4XQ_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Mon, 06 Mar 2023 17:40:00 GMT etag "ab8-5f63ec8c03c00" access-control-allow-methods GET,HEAD,OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=10647197 x-cdn-diag fra1-11014-3-12175-h-0-0---;11014-20-6179----0-0-2 accept-ranges bytes content-length 2744 expires Sat, 09 Sep 2023 03:34:58 GMT
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 37A3	16 KB 17 KB	29ms 20ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=CubwBskhrcN3x7oVgTeDfRlMgw-j-9Qomwo-qaTMUN2u5-LYcK7QdmuIP5RnLQpYSGQ5upqhBR1XfPL47JbAXnki51xpC1arh4f8uDJiM6urd4yeDyS5F4A0hwg--nY4XQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop206.am5.t,1685643195.cds130.am5.shn,1685643195.dop206.am5.t,1685643195.cds277.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10434140 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	206	1060063_video.mp4 ht-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/ Frame C1DC	458 KB 459 KB	204ms 104ms	Media video/mp4	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/1060063_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=-qBs6BfO6yoBeBQPHki_vJI8FhnOkkKXeeotRAppflzkUds1q9-RVvfTIhDAy5xw2S6Nt7TlNslcLn6czBVaKA7NFSSFURPs1-UtjPUbsAzrzP8zmwhaMlEDT5h8mYJJXes_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash f18ee58ffc097c2a84c6f8f9b16d6751ca960ee5e9a71c6f7078174e7609dbfa Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Fri, 17 Feb 2023 17:00:28 GMT etag "7295f-5f4e840110300" access-control-allow-methods GET,HEAD,OPTIONS content-type video/mp4 access-control-allow-origin * Content-Range bytes 0-469342/469343 cache-control max-age=10775710 x-cdn-diag fra1-11037-2-899677-h-0-0---;11014-20-6179----0-0-4 Content-Length 469343 expires Tue, 15 Aug 2023 14:11:26 GMT
GET H2	200	vortex-simple-1.0.0.js Show response ht-cdn2.adtng.com/delivery/vortex/ Frame DDA8	5 KB 5 KB	150ms 69ms	Script application/javascript	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=1MMU9hL_N3YscQiFLTdoqGqZoJXiYt0nyXPsEhtFZz2tqAWX0Wb4_lDNWYscDjLIewvrknqu8cP2pk9Kb2qT5XZJ7WbGid8Gox3JQ4KIl5LyyF7ItgwZkgY3N7wT_akBdMo_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Fri, 02 Nov 2018 14:17:11 GMT etag "13a3-579af30f7688b" vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=10658409 x-cdn-diag fra1-11014-2-12119-h-0-0---;11014-20-6179----0-0-2 accept-ranges bytes content-length 5027 expires Sun, 10 Sep 2023 06:35:10 GMT
GET H/1.1	200 OK	1061051_logo.png hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame DDA8	3 KB 3 KB	25ms 19ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=1MMU9hL_N3YscQiFLTdoqGqZoJXiYt0nyXPsEhtFZz2tqAWX0Wb4_lDNWYscDjLIewvrknqu8cP2pk9Kb2qT5XZJ7WbGid8Gox3JQ4KIl5LyyF7ItgwZkgY3N7wT_akBdMo_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:40:00 GMT ETag "1678124400" X-HW 1685643195.dop004.am5.t,1685643195.cds201.am5.shn,1685643195.dop004.am5.t,1685643195.cds149.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10797898 Connection Keep-Alive Accept-Ranges bytes Content-Length 2744
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame DDA8	16 KB 17 KB	24ms 24ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=1MMU9hL_N3YscQiFLTdoqGqZoJXiYt0nyXPsEhtFZz2tqAWX0Wb4_lDNWYscDjLIewvrknqu8cP2pk9Kb2qT5XZJ7WbGid8Gox3JQ4KIl5LyyF7ItgwZkgY3N7wT_akBdMo_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop122.am5.t,1685643195.cds130.am5.shn,1685643195.dop122.am5.t,1685643195.cds277.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10434140 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame 994E	5 KB 5 KB	28ms 21ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=i4WoWM8RUySpf8RfswBITAVu_G6GGBhKGqzsRlStc44VfTlncb1OOr4aZu2NruxcRB_uKmaY7OFVqyY5Q0aYScHOeUAVtqvh0jh9780Ie5CtRkA6vJgjI8k9hq7PKbSSFTY_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1685643195.dop206.am5.t,1685643195.cds130.am5.shn,1685643195.dop206.am5.t,1685643195.cds149.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10752814 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H/1.1	200 OK	1061051_logo.png hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 994E	3 KB 3 KB	26ms 19ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=i4WoWM8RUySpf8RfswBITAVu_G6GGBhKGqzsRlStc44VfTlncb1OOr4aZu2NruxcRB_uKmaY7OFVqyY5Q0aYScHOeUAVtqvh0jh9780Ie5CtRkA6vJgjI8k9hq7PKbSSFTY_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:40:00 GMT ETag "1678124400" X-HW 1685643195.dop202.am5.t,1685643195.cds286.am5.shn,1685643195.dop202.am5.t,1685643195.cds149.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10797898 Connection Keep-Alive Accept-Ranges bytes Content-Length 2744
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 994E	16 KB 17 KB	17ms 17ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=i4WoWM8RUySpf8RfswBITAVu_G6GGBhKGqzsRlStc44VfTlncb1OOr4aZu2NruxcRB_uKmaY7OFVqyY5Q0aYScHOeUAVtqvh0jh9780Ie5CtRkA6vJgjI8k9hq7PKbSSFTY_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop202.am5.t,1685643195.cds286.am5.shn,1685643195.dop202.am5.t,1685643195.cds277.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10434140 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame A093	5 KB 5 KB	21ms 17ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=zUmwNq9sxJeUwZa5P60HgCna_z76zO4_ufevElPp-8Fy-cmx1QnqZBV4C0eWRz-SOgMRacIeJ5ngRBGj8h0hhnMjHLQaP9tYSDxOz-IyBufJ4emI7tkeAh2jN-hq3-8MfQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1685643195.dop122.am5.t,1685643195.cds130.am5.shn,1685643195.dop122.am5.t,1685643195.cds300.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10639102 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H/1.1	200 OK	1061051_logo.png hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame A093	3 KB 3 KB	21ms 18ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=zUmwNq9sxJeUwZa5P60HgCna_z76zO4_ufevElPp-8Fy-cmx1QnqZBV4C0eWRz-SOgMRacIeJ5ngRBGj8h0hhnMjHLQaP9tYSDxOz-IyBufJ4emI7tkeAh2jN-hq3-8MfQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:40:00 GMT ETag "1678124400" X-HW 1685643195.dop230.am5.t,1685643195.cds324.am5.shn,1685643195.dop230.am5.t,1685643195.cds149.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10797898 Connection Keep-Alive Accept-Ranges bytes Content-Length 2744
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame A093	16 KB 17 KB	23ms 23ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=zUmwNq9sxJeUwZa5P60HgCna_z76zO4_ufevElPp-8Fy-cmx1QnqZBV4C0eWRz-SOgMRacIeJ5ngRBGj8h0hhnMjHLQaP9tYSDxOz-IyBufJ4emI7tkeAh2jN-hq3-8MfQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop206.am5.t,1685643195.cds130.am5.shn,1685643195.dop206.am5.t,1685643195.cds277.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10434140 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	206	1061051_video.mp4 ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 4C96	394 KB 394 KB	154ms 78ms	Media video/mp4	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=aRUa5tNG4xblk_G3uOV1MUVpECe4Yz2bVzpBBbiVexbO-af_FEUBdf8bO72d1zx0ENXdOjpYWSJr96622IZBrOBJ5Jr_GSQptuZTJpUOtYAwW-qvA-mVKSocUzrK9CyqDds_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Mon, 06 Mar 2023 17:41:55 GMT etag "626c6-5f63ecf9afec0" access-control-allow-methods GET,HEAD,OPTIONS content-type video/mp4 access-control-allow-origin * Content-Range bytes 0-403141/403142 cache-control max-age=10403878 x-cdn-diag fra1-11014-2-12119-h-0-0---;11014-20-6179----0-0-2 Content-Length 403142 expires Thu, 07 Sep 2023 07:53:03 GMT
GET H/1.1	206 Partial Content	1061051_video.mp4 hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 9997	394 KB 394 KB	22ms 17ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=AgCQErd0edO8R05mwVN7-JMjQJCLeDmIY1jrdhXf3suMhVoOPvFdMaXJiOJfUaHCGHSZsNAFzQZc1dbMTDHdDx9BuEoZbmKEz2uRlvDX6q80eg8AYiDwteGgxpSryVMhb4U_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:41:55 GMT ETag "1678124515" X-HW 1685643195.dop254.am5.t,1685643195.cds235.am5.shn,1685643195.dop254.am5.t,1685643195.cds223.am5.c Content-Type video/mp4 Access-Control-Allow-Origin * Content-Range bytes 0-403141/403142 Cache-Control max-age=10466922 Connection Keep-Alive Accept-Ranges bytes Content-Length 403142
GET H2	206	1061051_video.mp4 ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 6AB9	394 KB 394 KB	178ms 104ms	Media video/mp4	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=HogSGGNOjc7OLvjhB3mygJVFyR8pwtZsAoYfVXyupc1OxnUyJ-3ht6gC7LJmZOXPZ2HSEAmu-ftJi-A5txvIBvY4U_O5AJDbmeuukyTw2Ao8WfDRg_bXrvfmE9-pxrBTFx0_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Mon, 06 Mar 2023 17:41:55 GMT etag "626c6-5f63ecf9afec0" access-control-allow-methods GET,HEAD,OPTIONS content-type video/mp4 access-control-allow-origin * Content-Range bytes 0-403141/403142 cache-control max-age=10403878 x-cdn-diag fra1-11014-2-12119-h-0-0---;11014-20-6179----0-2-1 Content-Length 403142 expires Thu, 07 Sep 2023 07:53:03 GMT
GET H2	200	10010242 Show response a.adtng.com/get/ Frame EED5	21 KB 9 KB	18ms 17ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=MxadNwo50dqOqlCf8lfffLM5gc9g1gTYGz5eC779TEcDtfpOabk76k3IsM12kWscBnWh3PtrxP_s57o-DZptWPKKYV5cneDUECQuNSD8OTc-pAnRTcFazVc8PdK8hT7GVQ_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash df5d9dd213525edec3d79b5360302821b6b86b87ed74a081af48ba429563e112 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Thu, 01 Jun 2023 18:13:15 GMT server openresty
GET H3	200	main.a2f20435696a25382b5f.css creative.xliirdr.com/widgets/v4/Universal/ Frame FA79	13 KB 4 KB	22ms 22ms	Stylesheet text/css	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.css Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=oDboijKFWwRnjWttK82e7bunA-R-cFZsJsZyzjLgRFv7Cj-9vdovSzXRG_x70n1SknaFIY20kQ1nWtBvsS_EXouQ22dkKhxd7u-w6vOIWsb7EIE_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4d09f6a50b6d96e7f22ab12f406dcf44be0d815105018cc5c7f1105fbf597f7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=oDboijKFWwRnjWttK82e7bunA-R-cFZsJsZyzjLgRFv7Cj-9vdovSzXRG_x70n1SknaFIY20kQ1nWtBvsS_EXouQ22dkKhxd7u-w6vOIWsb7EIE_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:42:01 GMT server cloudflare age 2 etag W/"64748f89-3454" vary Accept-Encoding content-type text/css cache-control max-age=10 cf-ray 7d096df33a780c2d-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:23 GMT
GET H3	200	main.a2f20435696a25382b5f.js Show response creative.xliirdr.com/widgets/v4/Universal/ Frame FA79	269 KB 78 KB	30ms 30ms	Script application/javascript	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=oDboijKFWwRnjWttK82e7bunA-R-cFZsJsZyzjLgRFv7Cj-9vdovSzXRG_x70n1SknaFIY20kQ1nWtBvsS_EXouQ22dkKhxd7u-w6vOIWsb7EIE_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e97e86bc57e6bc633f0aa540e545d11070b24aafc766fa34fbbe823c745d8d5a Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=oDboijKFWwRnjWttK82e7bunA-R-cFZsJsZyzjLgRFv7Cj-9vdovSzXRG_x70n1SknaFIY20kQ1nWtBvsS_EXouQ22dkKhxd7u-w6vOIWsb7EIE_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:42:01 GMT server cloudflare age 3 etag W/"64748f89-43561" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=10 cf-ray 7d096df33a790c2d-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:22 GMT
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame 9E1C	5 KB 5 KB	19ms 15ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=lAM5OzYA78HcOeSC6bc5f8tjDIvIttB8zjmmlFQsc4WEmNF4FsxLcbr4_T6kuiq3FwYIz3oDHVbv0YoUf95ywLMIx0-SXtWQ8-KySk1UE7Q3ewdLQiNlt58j6VmJ0He586I_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1685643195.dop230.am5.t,1685643195.cds324.am5.shn,1685643195.dop230.am5.t,1685643195.cds149.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10752814 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H/1.1	200 OK	1061051_logo.png hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 9E1C	3 KB 3 KB	20ms 15ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=lAM5OzYA78HcOeSC6bc5f8tjDIvIttB8zjmmlFQsc4WEmNF4FsxLcbr4_T6kuiq3FwYIz3oDHVbv0YoUf95ywLMIx0-SXtWQ8-KySk1UE7Q3ewdLQiNlt58j6VmJ0He586I_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:40:00 GMT ETag "1678124400" X-HW 1685643195.dop004.am5.t,1685643195.cds201.am5.shn,1685643195.dop004.am5.t,1685643195.cds149.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10797898 Connection Keep-Alive Accept-Ranges bytes Content-Length 2744
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 9E1C	16 KB 17 KB	25ms 25ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=lAM5OzYA78HcOeSC6bc5f8tjDIvIttB8zjmmlFQsc4WEmNF4FsxLcbr4_T6kuiq3FwYIz3oDHVbv0YoUf95ywLMIx0-SXtWQ8-KySk1UE7Q3ewdLQiNlt58j6VmJ0He586I_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop004.am5.t,1685643195.cds201.am5.shn,1685643195.dop004.am5.t,1685643195.cds277.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10434140 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame B015	5 KB 5 KB	18ms 14ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=dLNSqTLLw_0kjQjbps7rYby3UhEiHMaZeHP_IEITYgrjvKyxQsPDgliVAGAXx-LXty2-0hf-_WKULYmAstyCE6In9SMbbwmoJYK2TW4BEH5nyysBBE3lUtP_ste9UhrI7A_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1685643195.dop202.am5.t,1685643195.cds286.am5.shn,1685643195.dop202.am5.t,1685643195.cds149.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10752814 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H/1.1	200 OK	1061051_logo.png hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame B015	3 KB 3 KB	20ms 16ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=dLNSqTLLw_0kjQjbps7rYby3UhEiHMaZeHP_IEITYgrjvKyxQsPDgliVAGAXx-LXty2-0hf-_WKULYmAstyCE6In9SMbbwmoJYK2TW4BEH5nyysBBE3lUtP_ste9UhrI7A_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:40:00 GMT ETag "1678124400" X-HW 1685643195.dop122.am5.t,1685643195.cds130.am5.shn,1685643195.dop122.am5.t,1685643195.cds149.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10797898 Connection Keep-Alive Accept-Ranges bytes Content-Length 2744
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame B015	16 KB 17 KB	22ms 22ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=dLNSqTLLw_0kjQjbps7rYby3UhEiHMaZeHP_IEITYgrjvKyxQsPDgliVAGAXx-LXty2-0hf-_WKULYmAstyCE6In9SMbbwmoJYK2TW4BEH5nyysBBE3lUtP_ste9UhrI7A_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop122.am5.t,1685643195.cds130.am5.shn,1685643195.dop122.am5.t,1685643195.cds277.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10434140 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	vortex-simple-1.0.0.js Show response ht-cdn2.adtng.com/delivery/vortex/ Frame 243E	5 KB 5 KB	117ms 72ms	Script application/javascript	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=4jXawqrYemlDUxhHpjnajc9ykPMIhfpvall1f-O6e2P6f4LneCPQXlYq6GjjPTjAlipZgrKCPWMAHPiCTqpOy8FO__3Wh0dWGAffWg0aSb2Qw_38ikQRb8PGjL53qzB1IQ_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Fri, 02 Nov 2018 14:17:11 GMT etag "13a3-579af30f7688b" vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=10658409 x-cdn-diag fra1-11014-2-12121-h-0-0---;11014-20-6179----0-0-2 accept-ranges bytes content-length 5027 expires Sun, 10 Sep 2023 06:35:10 GMT
GET H/1.1	200 OK	1061051_logo.png hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 243E	3 KB 3 KB	18ms 17ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=4jXawqrYemlDUxhHpjnajc9ykPMIhfpvall1f-O6e2P6f4LneCPQXlYq6GjjPTjAlipZgrKCPWMAHPiCTqpOy8FO__3Wh0dWGAffWg0aSb2Qw_38ikQRb8PGjL53qzB1IQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:40:00 GMT ETag "1678124400" X-HW 1685643195.dop206.am5.t,1685643195.cds130.am5.shn,1685643195.dop206.am5.t,1685643195.cds149.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10797898 Connection Keep-Alive Accept-Ranges bytes Content-Length 2744
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 243E	16 KB 17 KB	24ms 15ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=4jXawqrYemlDUxhHpjnajc9ykPMIhfpvall1f-O6e2P6f4LneCPQXlYq6GjjPTjAlipZgrKCPWMAHPiCTqpOy8FO__3Wh0dWGAffWg0aSb2Qw_38ikQRb8PGjL53qzB1IQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop206.am5.t,1685643195.cds130.am5.shn,1685643195.dop206.am5.t,1685643195.cds277.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10434140 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame DE14	5 KB 5 KB	19ms 14ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=9dhQeT0Y5soIH4P8qsAbM0QODa5UvpZ4cdmdO4APbV2PIULMVIn9idh36fOfKtfC79UQXsGrOOC5PtVGtaj3dd24RQxnHg3ypDlZ7vKwc_3nuSK0KdHU0B-yRuP3t_DJRRw_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1685643195.dop230.am5.t,1685643195.cds324.am5.shn,1685643195.dop230.am5.t,1685643195.cds149.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10752814 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H2	200	1060063_logo.png ht-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/ Frame DE14	3 KB 3 KB	144ms 103ms	Image image/png	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/1060063_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=9dhQeT0Y5soIH4P8qsAbM0QODa5UvpZ4cdmdO4APbV2PIULMVIn9idh36fOfKtfC79UQXsGrOOC5PtVGtaj3dd24RQxnHg3ypDlZ7vKwc_3nuSK0KdHU0B-yRuP3t_DJRRw_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Fri, 17 Feb 2023 16:58:00 GMT etag "ab8-5f4e8373eb600" access-control-allow-methods GET,HEAD,OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=10775710 x-cdn-diag fra1-11037-3-899718-h-0-0---;11014-20-6179----0-0-2 accept-ranges bytes content-length 2744 expires Tue, 15 Aug 2023 14:11:26 GMT
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame DE14	16 KB 17 KB	26ms 25ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=9dhQeT0Y5soIH4P8qsAbM0QODa5UvpZ4cdmdO4APbV2PIULMVIn9idh36fOfKtfC79UQXsGrOOC5PtVGtaj3dd24RQxnHg3ypDlZ7vKwc_3nuSK0KdHU0B-yRuP3t_DJRRw_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop254.am5.t,1685643195.cds235.am5.shn,1685643195.dop254.am5.t,1685643195.cds223.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10534876 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 4A6F	24 B 122 B	256ms 255ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0WUKVNDzJgyMsi0oIHDhpiROcjcaJGyBo6RODaSiWFmhhgZOcaIeDhHTBoyCnVsEREjB44ZNGrAIJlDRJeHYero1CECxxgYYWqYybFyxg2vI2fAKNMChxgzJ3OYwYFDRg0aM3COwbETIhk7FHHQMPoQTh0xFHHegAoHDsWiOWbwhDOR4Q0bMbzKeDimjWEdMm5EnqHYrhmKD8W4cUMxBw0bqCeLaOMGo47IMmTA6MvadQwaMWLgeFgnRkY0dOjAmaPjxYszb1zgYZPGjhwyclyMedPmxZw2YeQIfwPnRQwZOGAILom2DJkcNsyUYQuDMwwxYmAcLTPmI-4y32WICSMfpOai8nlkWmJl1GTDUTTQ8EMdcyCUBBk9mEdDGUjtJZsMYSQYhhlh4BBZDErdEEZK34URwxjoyRCXbjaMRcNZ9WFoohicmcgWV2K0WAYXdcAgng1zvFGHHB892ENmm83Ao48y2NBGGW2I4SCEcMAgxx1SxAHFHTDkoQUObTiRB4hKkCVGDHY88cVJVtVAhg1ujMTEGiYOccMTYjBRhRNX2HDEF0cMwQSUQjRBhxlUOCEGDXTI0UIaTpAhQxxxxCBEDknEcEYZccCghRRHCJEEEUQEQUMebgzxRBhsNLTqFVXkMUQNUtQQhBx1NPHFGVWMKkUVaSz5Ixwx9OAVZJIJ26QYdQT3RqpvsPGGHD2UoGJiMLRog7I2MGdHGUIYtOkQ0U5brYpmmAHDDevWRQZ1GWkHnxvRTddGXWOE0dgWDT0lwlkLweCCjzU8JIcdlxXFWx1pZMSZDCDmYFoLstEwxkiRhcGSXjmUlZIM-O130w2APZTGZSJ45QJJLpi2clMGf3GywzesjEPLNLxcVx1hZNTEG3qkwQYbYbxQw8AgoHBFGm68e8ccIDhBBQgxCAzDDiAs7YYNNGCNB9cpgBBEYWyUcUUZYiyRBh1GqzyDDUkvgQQVTTDBAgjMrVEGCEfQt8YbYQ-BhhzUleHdbQO7UMNXR-cAAwhTbJhdGm3X_Da-U4ngBBN1TftFfRltXhcbmYv-0EF2fCFHGWxQtHgNIOrlo8FnkIbZ4hWhvqYcC-0mgu5tvEHGQuDddjrhoInwRlA09EU4Hnks1LwIq39GFXDCEWecvKLVS90Ldc1xcLxv0KHvtC3U4cbaLeTmAhljfOdu5gd9Ab_8D9Fx72sH1sB1Q6bJXxtkQJH-_a8oNHiMagyiujLMAQ5f0FcBceA_uCDwIWVIHasQQoeg8IsG_gqDGBrzuwJFhQ0T6QvpAkYZ18CgDwoICA%3D%3D&s=de39d215ca9b3e5d5c53e7af4f133f1d60db6d347c815133f47e7c5c8e533e141685643194&w=t&r=1&d=461&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1983450489&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H/1.1	206 Partial Content	1060063_video.mp4 hw-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/ Frame 47D3	458 KB 459 KB	18ms 17ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/1060063_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=Sy3nnw3A5XI_JHvopYW8lRZshtS4uGUU_KEOgI548S02m0d9GxPyKJan3rqJV6K4Oe1aznk5YLUrEO95nu3UjvMgxwOVTusbuJh6WQG4dL4xHI9J9kKVpcbpz0_om6AOSg_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash f18ee58ffc097c2a84c6f8f9b16d6751ca960ee5e9a71c6f7078174e7609dbfa Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 17 Feb 2023 17:00:28 GMT ETag "1676653228" X-HW 1685643195.dop230.am5.t,1685643195.cds324.am5.shn,1685643195.dop230.am5.t,1685643195.cds283.am5.c Content-Type video/mp4 Access-Control-Allow-Origin * Content-Range bytes 0-469342/469343 Cache-Control max-age=10405377 Connection Keep-Alive Accept-Ranges bytes Content-Length 469343
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame EED5	5 KB 5 KB	22ms 22ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=MxadNwo50dqOqlCf8lfffLM5gc9g1gTYGz5eC779TEcDtfpOabk76k3IsM12kWscBnWh3PtrxP_s57o-DZptWPKKYV5cneDUECQuNSD8OTc-pAnRTcFazVc8PdK8hT7GVQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1685643195.dop004.am5.t,1685643195.cds201.am5.shn,1685643195.dop004.am5.t,1685643195.cds149.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10752814 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H/1.1	200 OK	1061051_logo.png hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame EED5	3 KB 3 KB	36ms 20ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=MxadNwo50dqOqlCf8lfffLM5gc9g1gTYGz5eC779TEcDtfpOabk76k3IsM12kWscBnWh3PtrxP_s57o-DZptWPKKYV5cneDUECQuNSD8OTc-pAnRTcFazVc8PdK8hT7GVQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash c8f92d98a24048a70cf412c377ecda22f27f82aeb2960b3362313863787051fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:40:00 GMT ETag "1678124400" X-HW 1685643195.dop254.am5.t,1685643195.cds235.am5.shn,1685643195.dop254.am5.t,1685643195.cds149.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10797898 Connection Keep-Alive Accept-Ranges bytes Content-Length 2744
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame EED5	16 KB 17 KB	19ms 14ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=MxadNwo50dqOqlCf8lfffLM5gc9g1gTYGz5eC779TEcDtfpOabk76k3IsM12kWscBnWh3PtrxP_s57o-DZptWPKKYV5cneDUECQuNSD8OTc-pAnRTcFazVc8PdK8hT7GVQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1685643195.dop202.am5.t,1685643195.cds286.am5.shn,1685643195.dop202.am5.t,1685643195.cds277.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10434140 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 0AE5	24 B 122 B	274ms 273ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XIMANDzBgyMci0wJFjRpgWNMjgEDNyTI4xLcjIIBMGBpkaZmyYMSji4Rwxacgo1LFFBI4aOWgonXFDhoguD8PUGZPRpY0aZG7ksNEiRsEcKMXAqNEiBxkaMMqGuSEGxw0yMGSMweE0Khk7FHHQyIHjIZw6YijKyHEjKhw4FGPkKOkTzkQdTG3EYCrj4Zg2iHXIuDF5xgy7Zig-FOPGDcWkNlJXFtHGDUaGM2TIgOG39esYNGLE6CuiToyMaOjQgTNHx4sXZ964wMMmjR05ZOS4GPOmzYs5bcLIGf4GzosYMnDEJYxDp5gyZLaaKYNDvOeOYnHMKDNmTJncZcDLEFMTR5nNuuUAw0ou7TWfGTPYIJ9SP9QxB0JJkNEDejSUMYNSOcwmQxhKhbETDpM1BMMNYZgFXhgxWCVDbLvZAMN9YphR34YoiuEZiu0RJoaLZXBRBwxx2TDHG3XIYV-EPQDo2Qw-AimDDW2U0cZ5ciDJRAxqYFEGHVIkwQZBVOjxRQt3lGEFFWzEkEUQXzxBVgsyaBGGFjLokUUWUYixhh44LPEFFVTckUcUUIhBhRZEYPGFFW-kkUMUeizRAh1arHEGDYRWkccRdgyBxUFoWCFEC2zocUcOdBxBmAxOkBFoEGaIcUQTWtShRhZ2GBFFHDecMcYXZ1SRBBFSVJFGk0HCEUMPkU3WFLJPilGHcG-4McQbbLwhRw8lrFgSDC7aAK0NzdlRhhAGnVHGtdlu2-0MZnB0w4g9iUBGdRltJwZp0lHXRr1jhPHYFjPEAJUIMS4EgwtAOiSCHHZkpthDddSRRkaeydDQYjTACQMNMOVmUll6gUWSTPnxJ8ZmgT2URmYiMOUCDTi4kNTMOdQrxxcvY3zDzDXfvFe9dYSRURNv6JEGG2yE8UINDIOAwhVpuHHvHXOA4AQVIMSwMAw7gEC1GzbQEDYeZacAQhCHsVHGFWWIsUQadDwtc4JSL4EEFU0wwQIIza1RBghH0LfGG2oPgYYc1ZXxHW4Mu1DDDTNALSAIU3ioXRp2_5wgwFTpIIITTNSr7Rf1ZUR6vWyEPnrpDx1kxxdylMEGRZPX0JBeQD4kxxmmaTZ5RfaWMbsYcizEm-xftPEGGQuFh1vsjIsmwhtD0eAX43jksZD2D5cRmujBDVfccfryO111L9Q7B8T5vkGHwNq2UIcbdLdwoQtkjAFevf3LyEG-0L__WeRfDFFQDcpWsKQc0CkJPAoDFUMDpHwGImSgXRnmAIcvCIwiCpygA0VgPA-6bTtDIRgNDhYGMTymeDupAxsm4pfWKcwyr4FBHxQQEA%3D%3D&s=9a31f93d90a98fd2a65992197e315b31071ef522005aa8b889f4a3e46a5910bb1685643194&w=t&r=1&d=544&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=859444372&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 0D97	24 B 122 B	26ms 25ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XUqJEDBgwbZWq0MGiGRgsaNMiMaSFmDA0ZLWTkkFFmxpgaZGTMIINDxMM5YtKQUahjiwgcHFHSmHFDhoguD8PUGZOxzI0ZOUrKEFnGhpmVNGzEMImjjJgZJ2fIwGHGRo4bZmzO8AmRjB2KOGjkwPEQTh0xFGXeiAoHDsUYOXLM-AlnIsMbYpnKeDimjWEdMm7EmME5KhkzFB-KceOGYo6wNmxMFtHGDUYdm2XIgNG39euxMWLwFVEnRkY0dOjAmaPjxYszb1zgYZPGjhwyclyMedPmxZw2YeQIfwPnRYy1MATj8CqmDJkcXsvgwAGDMwwxYmDgmFFmzJgyNGKU-S5DTBj5ZWSWW0c4tHSaYmXEZcN8KP1QxxwIJUFGD-bRUBNKM4UXBkphmBEGDpvFUAMMN4SRAxnfhRHDGOjpJINuNsCAnxhfjSFDGCqeNYOK670lRoxlcFGHRzLYMMcbdchxn4Q9CMjZDEISaUMbZbRRnhxMMiEDHndcpAYbTZwxBBRlLIFDFlZAJ8Qab1DRRhEyDHHHEVGo4QQWQ0ihRBtLnEFEDDDkFIQbdswQBB40RVHFETS40YIdZhgBBRV3qCFEHUQQcUUWUsgwxxImTpHDHVSgsYYWcJjBhhlpNLHEHWfEwGoTSshAhhRJ1JCHG3SogUcddwTxxRlVJEGEFFWkEWV4NsARQw9MRdbUskWKUUdwb7gxxBtsvCFHDyXopNhHH1FrA3N2lCGEQWeUsW2334Y7gxlmkEgiXWRQl5F28LkR3XRt0DVGGI5t0RBUItC4EAwueFTDQ3LYcRliD9VRRxoZcfYiR6fFBAMNYG0WRgt76dUCDifSFIN_YmQG2ENpXCYCUy7QgIMLp9WcA11yfBFzxjfUfHPOetFVRxgZNfGGHmmwwUYYL9TQMAgoXJGGG_neMQcITlABAqAN7wCC1W7YQIPYeJidAghBFMZGGVeYtUQadERN8ww2UL0EElQ0wQQLIDC3RhkgHFEfm2sPgYYc1JXh3VgNu1DDVVJ3BMIUHWaXht1B4y0wVTqI4AQTdHn7hX0ZjU4XG6CLTvpDB9nxhRxlsEHR5DWImJdHEJ9RGmaTVxT7F2LIsdBuw7fxBhkLrTUW7IyHJsIbRNHQF-N45LGQ9SLQDlrowAlHnHH8jvYvdS_QNUfE-75BB8HetlCHG3S3AEMOLqj0Hb6tH_SF_k55CB0CBpsF1cBsDTmNANvglAIiBYGIocENSOSZ2ZVhDnD4AsEoYkAIKlAEZZBdGN6mHaIYjAYIC4MYHCOCg3ioDmyYSF9YtzDKvAYGfVBAQAA%3D&s=aa783b662c16b591dac8fea89ee2edc303106d93a176118e8c740d681ae7c5fd1685643194&w=t&r=1&d=558&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=859444372&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H/1.1	206 Partial Content	1061051_video.mp4 hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 48B8	394 KB 394 KB	25ms 24ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=G0IBc_f19U7VPY7BNfGdNBr2tq9NHsCQLZyrwMkqmDMLZnhZCDoxhsBVv7nxIDbUGSuLsLMdRFjEFGeFuMFdPEmBqL8CbNHqlW7NF12OdR3SJejWu3-ALdWpNxEbzD-lCMg_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:41:55 GMT ETag "1678124515" X-HW 1685643195.dop254.am5.t,1685643195.cds235.am5.shn,1685643195.dop254.am5.t,1685643195.cds223.am5.c Content-Type video/mp4 Access-Control-Allow-Origin * Content-Range bytes 0-403141/403142 Cache-Control max-age=10466922 Connection Keep-Alive Accept-Ranges bytes Content-Length 403142
GET H2	200	eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTU1NCIsInNpZCI6IjEwMDEwMjQyIiwibmlkcyI6IjU0Mjk2IiwiZHluX2RtbiI6IiIsImNyaWQiOiIxMDYxMDUxIiwic3YiOiIxNjgyIiwicmVmX2RtbiI6InRzeW5kaWNhdGUuY... Show response a.adtng.com/track/adviews/ Frame 48B8	0 431 B	25ms 24ms	XHR text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTU1NCIsInNpZCI6IjEwMDEwMjQyIiwibmlkcyI6IjU0Mjk2IiwiZHluX2RtbiI6IiIsImNyaWQiOiIxMDYxMDUxIiwic3YiOiIxNjgyIiwicmVmX2RtbiI6InRzeW5kaWNhdGUuY29tIiwiZXh0X2NpZCI6IiIsInRzbmFtZSI6IkFGRiIsImNyYyI6IjMiLCJjbiI6IjMwMFgxMDBfVFJGU1RBUlNfSlMiLCJuaWQiOiI1NDI5NiIsImV4dF9wdWIiOiIiLCJjcnAiOiI2OS43NyIsInRpZCI6IjIiLCJpdCI6IjAxXC9KdW5cLzIwMjM6MTg6MTM6MTUgKzAwMDAiLCJjYyI6IjEiLCJzbmNpZCI6Ijk5MzI5IiwiY2lkIjoiMzY5MzYiLCJleHRfdWlkIjoiIiwiY3AiOiIxMDAiLCJzbmNjaWQiOiIyMTQwNzIyIiwiaWlkIjoiMTM4NzQzNmU4MTUzZmM0NWI1YTRjYWQ0NmNlOTg0YWMiLCJleHRfaWlkIjoiIn0=?unique_view=1 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=G0IBc_f19U7VPY7BNfGdNBr2tq9NHsCQLZyrwMkqmDMLZnhZCDoxhsBVv7nxIDbUGSuLsLMdRFjEFGeFuMFdPEmBqL8CbNHqlW7NF12OdR3SJejWu3-ALdWpNxEbzD-lCMg_gUIDRUi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=G0IBc_f19U7VPY7BNfGdNBr2tq9NHsCQLZyrwMkqmDMLZnhZCDoxhsBVv7nxIDbUGSuLsLMdRFjEFGeFuMFdPEmBqL8CbNHqlW7NF12OdR3SJejWu3-ALdWpNxEbzD-lCMg_gUIDRUi User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding gzip server openresty accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-allow-methods GET content-type text/html access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
GET H3	200	core.632b1f6bbf8af8a4b6ac.js Show response creative.xliirdr.com/widgets/v4/Universal/ Frame 6EC4	3 KB 1 KB	39ms 38ms	Script application/javascript	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/core.632b1f6bbf8af8a4b6ac.js Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cec3e1b294aacb72051196b3da423f849d0c21c3a953712b59a00f3d56ac2d98 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=s20LqIzqQG6ofV8TJU1idjnLOlsbWexLnCblzruBfaQ7ZJxmuA1UzNCylA0-yWjX4wkERPaCTDbyqR-IVp_NBCWHQM8frJIdGCRMc3EVd87alN4_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:42:01 GMT server cloudflare age 8 etag W/"64748f89-acd" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=10 cf-ray 7d096df40b0f0c2d-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:17 GMT
GET H3	200	en.json Show response creative.xliirdr.com/widgets/v4/Universal/lang/ Frame FA79	172 B 305 B	41ms 40ms	Fetch application/json	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/lang/en.json Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=oDboijKFWwRnjWttK82e7bunA-R-cFZsJsZyzjLgRFv7Cj-9vdovSzXRG_x70n1SknaFIY20kQ1nWtBvsS_EXouQ22dkKhxd7u-w6vOIWsb7EIE_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:40:40 GMT server cloudflare age 4 etag W/"64748f38-ac" vary Accept-Encoding content-type application/json cache-control max-age=10 cf-ray 7d096df43b2b0c2d-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:18 GMT
GET H2	200	config Show response go.xliirdr.com/ Frame FA79	6 KB 2 KB	50ms 49ms	Fetch application/json	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.xliirdr.com/config?url=https%3A%2F%2Fcreative.xliirdr.com%2Fwidgets%2Fv4%2FUniversal%3FactionButtonPlacement%3Dbottom%26buttonColor%3D%2523930606%26campaignId%3D128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344%26campaignType%3Dsmartpop%26creativeId%3D2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9%26hideButtonOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26iterationId%3D30231%26liveBadgeColor%3D%2523ff0707%26masterSmartpopId%3D0%26memberId%3DoDboijKFWwRnjWttK82e7bunA-R-cFZsJsZyzjLgRFv7Cj-9vdovSzXRG_x70n1SknaFIY20kQ1nWtBvsS_EXouQ22dkKhxd7u-w6vOIWsb7EIE_gUIDRUi%26p1%3D3761372%26ruleId%3D0%26showButton%3D1%26showModelName%3D1%26showTitle%3D%26smartpopId%3D1548%26sourceId%3D271333%26thumbSizeKey%3Dbig%26trackOff%3D1%26userId%3Ded4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e%26variationId%3D22460 Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 97e17ef8023f5aa2bcf2660c1b311190b2774682dcf04067a1a9228c1a9d4c67 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status MISS last-modified Thu, 01 Jun 2023 18:13:15 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * cf-ray 7d096df43ab80b40-AMS alt-svc h3=":443"; ma=86400
GET H2	200	adsbygoogle.js Show response video.ktkjmp.com/ Frame FA79	16 B 82 B	41ms 41ms	Fetch application/javascript	2606:4700:3110::6812:3015 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.ktkjmp.com/adsbygoogle.js Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:3015 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT x-amz-version-id eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG cf-cache-status HIT x-amz-request-id G1890SVVQRD857Z0 age 861 alt-svc h3=":443"; ma=86400 content-length 16 x-amz-id-2 82LrMcdTIgiiUrI9u3lX3tFHaCLr3ymHKLkEwNLyokkeYiwFlIM4yC4yCFQnnUQuIMhDhYz/PaY= last-modified Thu, 10 Mar 2022 13:52:07 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar etag "3d7f7a60216d40dea48e495fef6903c9" vary Accept-Encoding content-type application/javascript access-control-allow-origin https://creative.xliirdr.com cache-control public, max-age=7200 access-control-allow-credentials true accept-ranges bytes cf-ray 7d096df43927289d-AMS access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, x-requested-with expires Thu, 01 Jun 2023 20:13:15 GMT
GET H2	206	1061051_video.mp4 ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 37A3	394 KB 394 KB	93ms 93ms	Media video/mp4	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=CubwBskhrcN3x7oVgTeDfRlMgw-j-9Qomwo-qaTMUN2u5-LYcK7QdmuIP5RnLQpYSGQ5upqhBR1XfPL47JbAXnki51xpC1arh4f8uDJiM6urd4yeDyS5F4A0hwg--nY4XQ_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Mon, 06 Mar 2023 17:41:55 GMT etag "626c6-5f63ecf9afec0" access-control-allow-methods GET,HEAD,OPTIONS content-type video/mp4 access-control-allow-origin * Content-Range bytes 0-403141/403142 cache-control max-age=10403878 x-cdn-diag fra1-11014-2-12121-h-0-0---;11014-37-6179----0-0-0 Content-Length 403142 expires Thu, 07 Sep 2023 07:53:03 GMT
GET H/1.1	206 Partial Content	1061051_video.mp4 hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame A093	394 KB 394 KB	18ms 18ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=zUmwNq9sxJeUwZa5P60HgCna_z76zO4_ufevElPp-8Fy-cmx1QnqZBV4C0eWRz-SOgMRacIeJ5ngRBGj8h0hhnMjHLQaP9tYSDxOz-IyBufJ4emI7tkeAh2jN-hq3-8MfQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:41:55 GMT ETag "1678124515" X-HW 1685643195.dop206.am5.t,1685643195.cds130.am5.shn,1685643195.dop206.am5.t,1685643195.cds223.am5.c Content-Type video/mp4 Access-Control-Allow-Origin * Content-Range bytes 0-403141/403142 Cache-Control max-age=10466922 Connection Keep-Alive Accept-Ranges bytes Content-Length 403142
GET H/1.1	206 Partial Content	1061051_video.mp4 hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 994E	394 KB 394 KB	15ms 15ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=i4WoWM8RUySpf8RfswBITAVu_G6GGBhKGqzsRlStc44VfTlncb1OOr4aZu2NruxcRB_uKmaY7OFVqyY5Q0aYScHOeUAVtqvh0jh9780Ie5CtRkA6vJgjI8k9hq7PKbSSFTY_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:41:55 GMT ETag "1678124515" X-HW 1685643195.dop254.am5.t,1685643195.cds235.am5.shn,1685643195.dop254.am5.t,1685643195.cds223.am5.c Content-Type video/mp4 Access-Control-Allow-Origin * Content-Range bytes 0-403141/403142 Cache-Control max-age=10466922 Connection Keep-Alive Accept-Ranges bytes Content-Length 403142
GET H3	200	core.632b1f6bbf8af8a4b6ac.js Show response creative.xliirdr.com/widgets/v4/Universal/ Frame A63A	3 KB 1 KB	25ms 24ms	Script application/javascript	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/core.632b1f6bbf8af8a4b6ac.js Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cec3e1b294aacb72051196b3da423f849d0c21c3a953712b59a00f3d56ac2d98 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=ZUkKZInXjjNDMUV1mR6tMy5ZWIdwAmwaA6eAq3g9CZ2limgvqezPoPxv79gB9WMc1KBICNrcA_3S-6dPa7dfolwvczaDwrKOVT8Le_P4pb-vWgI_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:42:01 GMT server cloudflare age 8 etag W/"64748f89-acd" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=10 cf-ray 7d096df48b4c0c2d-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:17 GMT
GET H3	200	core.632b1f6bbf8af8a4b6ac.js Show response creative.xliirdr.com/widgets/v4/Universal/ Frame E80A	3 KB 1 KB	26ms 26ms	Script application/javascript	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/core.632b1f6bbf8af8a4b6ac.js Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cec3e1b294aacb72051196b3da423f849d0c21c3a953712b59a00f3d56ac2d98 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=t3FzPe0hrRg2ydIxJrLSjiT_uxwRAdrYr_FAjQ4pYOuywOc_qGrF-8bUAA-DGxyWIcqbCnQRYQZQTkOBqUejHBWalriozdeK2WR3VLM5KiZLmIk_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:42:01 GMT server cloudflare age 8 etag W/"64748f89-acd" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=10 cf-ray 7d096df48b4e0c2d-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:17 GMT
GET H3	200	models Show response go.xliirdr.com/api/ Frame 6EC4	2 KB 863 B	51ms 51ms	Fetch application/json	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.xliirdr.com/api/models?forceClient=1&stripcashR=0&limit=1 Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb3d3a01b8a715231ac2015fdff2fc2ff61e530941f883cc2eaaba61c53fb437 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status EXPIRED last-modified Thu, 01 Jun 2023 18:12:54 GMT server cloudflare vary Origin, Accept-Encoding content-type application/json access-control-allow-origin https://creative.xliirdr.com access-control-allow-credentials true cf-ray 7d096df4ab5f0c2d-AMS alt-svc h3=":443"; ma=86400
GET H/1.1	206 Partial Content	1061051_video.mp4 hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 9E1C	394 KB 394 KB	19ms 18ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=lAM5OzYA78HcOeSC6bc5f8tjDIvIttB8zjmmlFQsc4WEmNF4FsxLcbr4_T6kuiq3FwYIz3oDHVbv0YoUf95ywLMIx0-SXtWQ8-KySk1UE7Q3ewdLQiNlt58j6VmJ0He586I_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:41:55 GMT ETag "1678124515" X-HW 1685643195.dop206.am5.t,1685643195.cds130.am5.shn,1685643195.dop206.am5.t,1685643195.cds223.am5.c Content-Type video/mp4 Access-Control-Allow-Origin * Content-Range bytes 0-403141/403142 Cache-Control max-age=10466922 Connection Keep-Alive Accept-Ranges bytes Content-Length 403142
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 9EB4	24 B 122 B	28ms 28ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XcIAMjRg4bZsS0MDMGho0WNEjWaCFGjI0YLWzImFFDDMkyMMzQkCHi4Rwxacgo1LFFhMcaNmrcmHEjBw0RXR6GqTMmI42WN2jgmCGSRhgcZVCOCbMyTEMyLWTUyIHUhg2DZXCE6QmRjJ2FNj7KeAinjhiKMnLckAoHDkWPOWb4hDNRB9OXTCuKGNPGsGMYS2UMrmtmoeaHYty48SwDBo68e0W0cYNRh-YZefmubh2DRowYOB7WiZERDR06cOboePEijAuDdFi7GPOmzYszZei8iAGjIwwZO3_QSdOmTI-GObCHl4EDxw3NXOpUl_GWzpgeMzDPQK_--ls4YnrUaQKDtZirNsxgxhBThNFGG3QEccYYTbSgRxJ1vKEFDlXIEIYcR6DRxBt2VAHDF0kYUUUVaIhxBBNyGNEQHU9AYQYVV8gABww01EEFGlFMMcURMSTRBhpvFIGDEUuoYUcOSchxhxNBtGBEDRsWUUYVSeQhQwtXZJEFG05oocUaRziRRxxaLCkDQU60IUQLVcixhg1U6GGGFG7kUcUXZ1BJhBRVpEEXHG149tAbgAoqAhnNZSQHHS25IcdyiT40VmNbzBBDVCLAIUdVDPEVRh5tvEHGQjjAAFpnOsDgQnUOiSCHHZZ5pFsdfuogglMxwCbDGGHVENJJKY0xA0tO0RDTDTiJAZ4ZZdhEVxqWicCUC1q54BS1OdAlxxfQZjRttdfSkK1uc9m6oR5psMFGGC_UsCoIKFyRhhuI3jEHCE5QAQJ1q-4Agrxu2ECDv3gInAIIQRTGRhlXNLtEGtLVMC1s8C6BBBVNMMECCGyksUYZIBxRxhhrvHHwEGjI0VwZ09W2qgtK0WQtDCAUaMaFabQ7sQ10jcGpCE4wQdcb2_qcUdB0sfEz0g8dZMcXcpTBBkVK1dAQDjRU95AcZ4zmmlKSOf2FGHKQ2nQZT4c6qms41Na0yhQNOhQNfKmMRx4L0e1qGagO9Ftww72waKOPMuccXXO8qugbdIRBB9Et1OEGxC3cEIMLZIwRA09N_3zQF5lvThcdgTJkAw5I0WCpUxa1wZPpqAu8Og2Wb2YQ1GXMAccXjlN0euqzSyVGY4fyPRUbE_Gl9EKmTtYaDH0oEBA%3D&s=0d067352c496ce3ee6a23687daa3a181285c69d2de5bd3b9322822557f21e0201685643194&w=t&r=1&d=747&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H3	200	models Show response go.xliirdr.com/api/ Frame A63A	2 KB 860 B	27ms 27ms	Fetch application/json	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.xliirdr.com/api/models?forceClient=1&stripcashR=0&limit=1 Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb3d3a01b8a715231ac2015fdff2fc2ff61e530941f883cc2eaaba61c53fb437 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Thu, 01 Jun 2023 18:12:54 GMT server cloudflare age 0 vary Origin, Accept-Encoding content-type application/json access-control-allow-origin https://creative.xliirdr.com access-control-allow-credentials true cf-ray 7d096df52b990c2d-AMS alt-svc h3=":443"; ma=86400
GET H3	200	models Show response go.xliirdr.com/api/ Frame E80A	2 KB 860 B	24ms 23ms	Fetch application/json	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.xliirdr.com/api/models?forceClient=1&stripcashR=0&limit=1 Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb3d3a01b8a715231ac2015fdff2fc2ff61e530941f883cc2eaaba61c53fb437 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Thu, 01 Jun 2023 18:12:54 GMT server cloudflare age 0 vary Origin, Accept-Encoding content-type application/json access-control-allow-origin https://creative.xliirdr.com access-control-allow-credentials true cf-ray 7d096df53b9b0c2d-AMS alt-svc h3=":443"; ma=86400
GET H/1.1	206 Partial Content	1061051_video.mp4 hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame B015	394 KB 394 KB	15ms 15ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=dLNSqTLLw_0kjQjbps7rYby3UhEiHMaZeHP_IEITYgrjvKyxQsPDgliVAGAXx-LXty2-0hf-_WKULYmAstyCE6In9SMbbwmoJYK2TW4BEH5nyysBBE3lUtP_ste9UhrI7A_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:41:55 GMT ETag "1678124515" X-HW 1685643195.dop206.am5.t,1685643195.cds130.am5.shn,1685643195.dop206.am5.t,1685643195.cds223.am5.c Content-Type video/mp4 Access-Control-Allow-Origin * Content-Range bytes 0-403141/403142 Cache-Control max-age=10466922 Connection Keep-Alive Accept-Ranges bytes Content-Length 403142
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame B0F1	24 B 122 B	254ms 253ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XEECPjho0wOXC0qBEDRowWNAyKaYGjBowwI3HAIEMjxo0ZM8rMCCPi4Rwxacgo1LFFY8gZNFzSwJFDRJeHYeqMySiGjI0aNnCYIdMCRo2GKHEgbSGGxg0ZLW7QvBEGBo4yNXCU7AmRjB2KOGiEfAinjhiKMnLcgAoHDsUYOXLM8AlnIkOPMWacfTimjWEdHSPjhErGDMWHYty4oZiDho3TMh62cYNRR2QZMmDwXd06Rs0YOB7WiZERDR06cOboePHizBsXeNiksSOHjBwXY960eTGnTRg5wN_AeRFDhszAN3DYMCOmDJkc48vgkIkThhgxbnOOGVOmZpnuMsS0fZsZsVsxY5SmWBlmzJAVUjT8UMccCCVBRg_m0aATDXrFJkMYFIZhRhhyNeQSWzmQ0V0YMQRogwwzyICbDTDUJ4YZ811Iohg4kbieYGKwWAYXdcAAgww2zPFGHXLQ52APmeE0A48-AtlGGW2UJ8eRduCQhh5v3JEDEks4wcQZetwAhxI0PBEFFjcM8YQaY5xRhxpC1LGGDG48kccRMcghRR16tIGDG3QUMYQcabxhRhJFmCFEG0ys0UYaWeRQBhtw4IHGFEvE9cYbWrAhxQ1HTGFHGUswQeocedwxhhsb1vBFFTm4McccY8hRBxV1RLFGGHaYgQcNX5xRRRJESFFFGkz-aAMcMfQgmQ2RnZUskGLU8dsbbgzxBhtvyNFDCSgqBgOLNkxrg3KjCmHQGWVoy6234M5ghhkw3FAvXWRIlxF277nxXHRt0DVGGI5t0dBTIry4EAwu-FjDQ3LYcRliutWRRkY4qVhDYjS0EBsNY6AUGUwh6cVSiDLcpx9HN_z1UBqXiSCZC0u5UBrNTUH8BcwY30AzDjbTgDNddfCkgwhNvKFHGmywEcYLNTQMAgpXpOFGvnfMAYITVIBQUsM7gFC1GzbQEDYeZacAQhCFsVHGFWWIsUQadEA9s4FTL4EEFU0wwQIIyq1RBghHlDHGGm-oPQQackhXBne2NexCDTdFnQMMIEyh4XVp2O2zgQJPdbSXdHX7xXwZkf4QG6KLoLoIB9nxhRyTUkQ5SXHR4CPEZ4yGGeUVxf6FGHIslBvsZcjexhtkLOSdbQ8598ZnIrwxFA18NY5HHgthLwLtnh3tG3DCEcdvaP9K9wJdc0S87xt0ENxtC3W4QXdXMrhAxhjd4dv6QV_YX_8eQoeAuSYrWKFBQ0pDwDbIgCIILNsC9WKDwdRldmWYAxy-QDAItkSCiPFe8jjoNuwMxWA0QFgYxOAY5G2oDmyYCF9YtzDKtAYGfVBAQAA%3D&s=08744aa68bfea40b02151de6b46dc9c1ba4b7b535bb83a662145ac47be2f3ddc1685643194&w=t&r=1&d=507&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1983450489&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	206	1060063_video.mp4 ht-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/ Frame DE14	458 KB 459 KB	21ms 21ms	Media video/mp4	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/1060063_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=9dhQeT0Y5soIH4P8qsAbM0QODa5UvpZ4cdmdO4APbV2PIULMVIn9idh36fOfKtfC79UQXsGrOOC5PtVGtaj3dd24RQxnHg3ypDlZ7vKwc_3nuSK0KdHU0B-yRuP3t_DJRRw_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash f18ee58ffc097c2a84c6f8f9b16d6751ca960ee5e9a71c6f7078174e7609dbfa Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Fri, 17 Feb 2023 17:00:28 GMT etag "7295f-5f4e840110300" access-control-allow-methods GET,HEAD,OPTIONS content-type video/mp4 access-control-allow-origin * Content-Range bytes 0-469342/469343 cache-control max-age=10775710 x-cdn-diag fra1-11037-2-899675-h-0-0---;11014-19-6179----0-0-1 Content-Length 469343 expires Tue, 15 Aug 2023 14:11:26 GMT
GET H/1.1	206 Partial Content	1061051_video.mp4 hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame EED5	394 KB 394 KB	21ms 20ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=MxadNwo50dqOqlCf8lfffLM5gc9g1gTYGz5eC779TEcDtfpOabk76k3IsM12kWscBnWh3PtrxP_s57o-DZptWPKKYV5cneDUECQuNSD8OTc-pAnRTcFazVc8PdK8hT7GVQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:41:55 GMT ETag "1678124515" X-HW 1685643195.dop202.am5.t,1685643195.cds286.am5.shn,1685643195.dop202.am5.t,1685643195.cds223.am5.c Content-Type video/mp4 Access-Control-Allow-Origin * Content-Range bytes 0-403141/403142 Cache-Control max-age=10466922 Connection Keep-Alive Accept-Ranges bytes Content-Length 403142
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 2298	24 B 122 B	263ms 263ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XkIGPmRhgzMm60mFGGxowWNGiYgdEiBwwzJ3HAGGODBgwyOWzIKCNGxMM5YtKQUahji4gYOWrYqHFjxo0cNER0eRimzpiMYmLckBFDTA4cLWx0DYNyjJgaLQyKsTHSzFmQOWbs5OoTIhk7C23klPEQTp2eOmLIyHGDKhw4FJHG_QlnIsMbYp1WHNMGsQ4ZS2XgmEGV48KQD8W4cUPR5QwYNPiKaOMG4-Wmevuydh2DRowYOB7WiZERDR06cOboePEijAuDdFq7GPOmzYszZei8iAEDBnUZqX_QSdOmTI8YNXJgF68Zx9YbXOpUxxyGzpgemGtonpF-vY0wcMT0KAIHShopXySBRhQ02CGFEnJEcUUaOAxxwxJHnBFFDmRFQQcWc7ghxQxIFEFHE0uIQccdSghhBQ1r0TAEFVIwUUMZMEwRxBsPikhDFEi0IccaZQhRxQ1zDCGGGUNg8QUOd-TxBhVj3GFDUzlooUQUWLRxRRIx2EEGGVLQUUQcN8RwBhRtrEHGF0XocYcWYTQRRBBSLpGDHDWwEcUXZ1SRBBFSVJFGXXC08dlDbwQ6qAhkNJeRHHSIIZocyyn60BjtLbRFQ1OJAIccVwXWVxh5tPEGGQvJFJoZC8HgQnU1PCSHHZYhpVsdf-ogQhlj3ICDGWGUgRYNJZEFLHUtrJVDGWmNUQNJOcQQBnYyXPVQGpaJ4JQLNODgAlTY5lCXHF9Qm9G12W5LQ7d11RFGRk28oUcabLARxgs1rAoCCgu6kegdc4DgBBUgULfqDiDkWxPBeNSUAghBHMZGGVfwtEQa0i17gwsz2HDvEkhQ0QQTLIDARho8gnAErmu8sfAQaMjRXBnT1baqC0zNUK9LIEzxURhypEHvtRnXNUanIjjBRF1vgDt0RkbXxQbRTT90kB1fyFEGGxQxVQN4ONgEg6tnkHYZUxVN_YUYcpQqdRlUi0rqZTjUJrXLFBFKFA19uYxHHgvhLYLVqNrqG3DCEceoo25Aypxzdc3x6qJv0NFe0i3U4QbFYcXgAhljCFYX5xkd9AXnnj9Eh6CB2YCDUiYh5ffpMlCkOusNQbV6YXZVXcYccHxRaeqr11S732GIGHoZvNbBxkR9PZ3qpK7B0IcCAQE%3D&s=502f16b7efe832763f5cded49218e2ba9a216c065c79d02e885f2f6a42652fad1685643194&w=t&r=1&d=699&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame CB68	24 B 122 B	27ms 27ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zCyGaIRPmRpgZM1rMMBODTAsaOcTQaCHmoI0WNcqIgTGmDAwYNVDOEPFwjpg0ZBTq2CLCRo0bMmIYtZFDRJeHYeqMySjDI5kbNsTcgFmjhkmUNcK0yDEjJkwcZHLgEGNmRpkxZGrwhEjGzkKmNmQ8hFNHDEUZOW5AhQOHYowcZHvCmcgQa4wZNyqOaVOYIYwbM6pCJWNmoWYRYty48SwDBg6mekW0cYNRR9UZTPeubh2DRowYOB7WiZERDR06cOboePEijAuDdFi7GPOmzYszZei8iHGTugwaMn7QSdOmTI8YNXJcFy8DBw6kN7jUuSnDRhg6Y3rMuJw5_XoY7cPAEdNjDhU0ZywRBHZ6SEEDHXnMQAcUR2Bxhhw33EGDFFIEwQQVRUSRxBU0uHHFGXQYQYcSZVBBRxt1JGGEEUvUkYMVQVgxRg5r4ECHGXUwEUQUVTBhBB5WtEHDHE2klEQZSNCQBxJu4CDEGTPQcIMUTdRBxRJl4IBHEi0I0cQXVlyBAxo5RLEGFS0MgUQeQzQRhRJFOEFDGXbYQcUNEl2xRgxjfHFGFUkQIUUVacwFRxuePfTGoYmKQEZzGclBhxihybEcpA-N8d5CWzT0lAhwyDGVDhXBEUYebbxBxkI4wPAQWwvB4MJNNTwkhx2VHaZbHYXqIAJISYWXw0ql0TDGSY-JpRZKLeCQAxkylBGDGGGIUZVfD6VR2a83uEADDi4M621Ttn6hbUaQeQuuuCjNVUcYGTXxhh5psMFGGC_UMCsIKFyRhhuP3jEHCE5QAQJ1s-4Agr9u2ECDwng4nAIIQRDGRhlXyLREGtLVkC5s_C6BBBVNMMECCGyksUYZIBzx1hpvTDwEGnI0V8Z0tc3qwlFlhQsDCFOEYUYYcqSR78c2zDXGqCI4wcRcb8jxxdIZOT0XG0xb_dBBdnwhRxlsUHRUDeDhQMNNtp4xmmtHVcT1F2LIwerWdH6R6qqu4VDb1jVTpKhQNOxVMx55LBS4CF935qtvwAlHnKSUumEpc87NNcetkb5Bx3tRt1CHGxyf1C0ZY8Qgw1ykZ3TQF6SbPteJFNmAQw0ONzTsQyeeTqrstNNgO0oy1EqX12XMAccXm-4-e-2HHV4tY46WMXQdbEy0F9axZtoaDH0oEBA%3D&s=6d8072d1de36c2b79181b4bea20c0913f03f1d158e76489640594d41c009a3641685643194&w=t&r=1&d=658&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=657216569&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	206	1061051_video.mp4 ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 9AA2	394 KB 394 KB	52ms 52ms	Media video/mp4	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=Hj4mX_Vz3mzdbFqKkSx4ma0_F_GGdBrB_WbiurKlJUoxAc9CUKE75qsphYnE0E_NualprKJ6TFWeCuc-8CuV-efm_rElTTJQI70a7wt-okgCDXtOtHl0Qq1hyMjuyaG1YIc_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Mon, 06 Mar 2023 17:41:55 GMT etag "626c6-5f63ecf9afec0" access-control-allow-methods GET,HEAD,OPTIONS content-type video/mp4 access-control-allow-origin * Content-Range bytes 0-403141/403142 cache-control max-age=10403878 x-cdn-diag fra1-11014-2-12119-h-0-0---;11014-28-6179----0-0-1 Content-Length 403142 expires Thu, 07 Sep 2023 07:53:03 GMT
GET H/1.1	206 Partial Content	1060063_video.mp4 hw-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/ Frame A06E	458 KB 459 KB	22ms 22ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/1060063_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=O_z79-sXTLtheVPGyYmWQXG0UBuZspta1dRdzKeXS04PKkQVdbMvddoIx8C315cSipb6sFj_AlyLmf68w4mu-pYRhF6wenrBjY7YGQz1lotsm-VCbUN2NyxYKHUCv9etJ7A_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash f18ee58ffc097c2a84c6f8f9b16d6751ca960ee5e9a71c6f7078174e7609dbfa Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 17 Feb 2023 17:00:28 GMT ETag "1676653228" X-HW 1685643195.dop206.am5.t,1685643195.cds130.am5.shn,1685643195.dop206.am5.t,1685643195.cds223.am5.c Content-Type video/mp4 Access-Control-Allow-Origin * Content-Range bytes 0-469342/469343 Cache-Control max-age=10552708 Connection Keep-Alive Accept-Ranges bytes Content-Length 469343
GET H/1.1	206 Partial Content	1061051_video.mp4 hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame E68B	394 KB 394 KB	16ms 16ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=_bc7cXL9z3cDlaU-fxrgpBzQcd9Ln2Y_xEyXe7JOoxeGze0MYovlCzjpXGjeVlt_Y6JiCTIMWoQecJ7lrAwvzaX8-gp057c8zh_8p-HIbwEgN8B1ooOJT5ml_GtqDqnEKQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:41:55 GMT ETag "1678124515" X-HW 1685643195.dop254.am5.t,1685643195.cds235.am5.shn,1685643195.dop254.am5.t,1685643195.cds223.am5.c Content-Type video/mp4 Access-Control-Allow-Origin * Content-Range bytes 0-403141/403142 Cache-Control max-age=10466922 Connection Keep-Alive Accept-Ranges bytes Content-Length 403142
GET H2	206	1061051_video.mp4 ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 1DF5	394 KB 394 KB	30ms 29ms	Media video/mp4	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=423517&apb=w44Fn6v0uOPZYo6KrO8cIu2UfUculjbFCuzFmNhAexZhTnr9dpZVNS4OrYjR5iEFSwchF9V8ZrPXHHGVoQ6ac6rtzT7_23_sWpdVht5duiWVbouSC6MyttNIXh-YGQYznvk_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Mon, 06 Mar 2023 17:41:55 GMT etag "626c6-5f63ecf9afec0" access-control-allow-methods GET,HEAD,OPTIONS content-type video/mp4 access-control-allow-origin * Content-Range bytes 0-403141/403142 cache-control max-age=10403878 x-cdn-diag fra1-11014-2-12119-h-0-0---;11014-27-6179----0-0-0 Content-Length 403142 expires Thu, 07 Sep 2023 07:53:03 GMT
GET H/1.1	206 Partial Content	1061051_video.mp4 hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 5E96	394 KB 394 KB	19ms 18ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=5ZlefOKyz92A_i3Xesg19VS_Ty_0zx_VMvsfvs6xEtUPzPhqltcvTiVrgDadUIFWLZg4UzYU6dflItnuh1sQ2H_Kkjk2RxKnHTr3xPg9gXmJdih0h4JQORAjNmFmtyBaHw_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:41:55 GMT ETag "1678124515" X-HW 1685643195.dop206.am5.t,1685643195.cds130.am5.shn,1685643195.dop206.am5.t,1685643195.cds223.am5.c Content-Type video/mp4 Access-Control-Allow-Origin * Content-Range bytes 0-403141/403142 Cache-Control max-age=10466922 Connection Keep-Alive Accept-Ranges bytes Content-Length 403142
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame D436	24 B 122 B	97ms 96ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XgGEPmRg4yNcq0gBEmBpkWNMzMOClGjAwxI23cuEGGxo0ZNmKIiSHi4Rwxacgo1LFFRIwcNWzUuOmRhoguD8PUGZMRaQ4zMsbgbCEmTBkzKHOEkdECxwytLW6YuRGmhs0YM3LAyNETIhk7C23ksCHjIZw6YijKyHEjKhw4FI_mmOETzkSGN3LOuFFxTBvEOmQolWE2KhkzC2UUFiHGjRuKcmfAoNFXRBs3GDPf1Ov3dewYNGLEwPGwDk8dA-nQgTNHx4sXYVwYpAPbxZg3bV6cKUPnRQwYMK7LYP2DTpo2ZXrEqJFje3nOOG6I5lIHu-YwdMb00FyD8wz27m2EgSOmhxo3VEDBRhZqBIGDGTaJ4cQbcbxhBQxPsHGEGk6sEUULVrjBRhs1SNHEDVpcEUcSdszwBR43wKHEGVPAsdcXWFghQx1HoGGGGE1oAQMTS8zxRBNL3GEEGnGEYcUSbyjRRBVq5RDEGU9kUQYeS7XABhpuVFHDGTfkkYcSSwRRRQxU4HBHC3bQwcYaN9TwBRw0qCHFHElcVkUZOawRxBdnVJEEEVJUkUZdcLQR2kNvFHqoCGRAl5EcdLTkhhzOOfrQGPAttEVDUIkAhxxU6VARHGHk0cYbZCyEAwwPiQGaDjC4gF0ND8lhB2ZH9VbHoMDlkBtOWYlUw402oGQGWmL4SkMLMpUBw07kmVGGq3WlgZkIk7lAAw4u-KotXbV-YW1G2W7bLQ3f1lVHGBk18YYeabDBRhgv1CArCChckYYbjd4xBwhOUAHCdbLuAIK-bthAg8F4KJwCCEEcxkYZV0y7RBrV1ZAtTvgugQQVTTDBAghspLFGGSAcUcYYa7zx8BBoyAFdGdbhJqsLS81gr1wgTBGGGWHIkUa9G9tQ1xihiuAEE3W9IccXSGe0dF1sJD31QwfZ8YUcZbBB0VI1jIcDDdjVesZpmS1VUdZfiCGHqliXofWpqWaGA25Yy0wRokPR4JfMeOSxkN8icP1qcMMVdxykklL6XHR1zWHro2_QAZ_TLdThBsYt2EzGGDHIUNfnGR30xeeh10WHoaLagENSNDTk60Ori9766wrLTkMOONjg2dZlzAHHF5neDrvuUYnxGKNfScXGRH5VvRCrIowRGwx9KBAQ&s=a584834c93a08b91ef1b46d792719c2d4937d2888e1564b8822724d21bfcf92b1685643194&w=t&r=1&d=606&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	206	1061051_video.mp4 ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame A098	394 KB 394 KB	334ms 333ms	Media video/mp4	66.254.122.17 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=rd-BYNJku3kRGD27VlTiu_PaF0F0FMYVIvfcg8eGKtGnG6kgJfXp51C7zakwi0CpOpRmEZXNAL_maQQGRAGgL8aRY-5CpB1yT6l0eiSVdTUV0SJiyv4e5kKvpBWwqe4qzw_gUIDRUi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.254.122.17 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers date Thu, 01 Jun 2023 18:13:15 GMT last-modified Mon, 06 Mar 2023 17:41:55 GMT etag "626c6-5f63ecf9afec0" access-control-allow-methods GET,HEAD,OPTIONS content-type video/mp4 access-control-allow-origin * Content-Range bytes 0-403141/403142 cache-control max-age=10403878 x-cdn-diag fra1-11014-2-12119-h-0-0---;11014-24-6179----0-0-0 Content-Length 403142 expires Thu, 07 Sep 2023 07:53:03 GMT
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 2802	24 B 122 B	253ms 252ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XcqEFDRg4zYcK0oFHQxkgaYWC0CIOjZQsZNGyMiSFDjJkZM8LIEPFwjpg0ZBTq2CJCRowZNGDQiEEjhw0RXR6GqTMmo40yOMzcKGOGRouNYWqMjMGxRQ6dMr7CiLE1aY2GZmDwhEjGzkIbTmU8hFNHDEWPN6TCgUMxRo4cM3rCmcjwho2jNyqOaUOYIYwbM2QEpmtmoeaHYty48SwDBg68ekW0cYNRh-YZePeubs00RgwcD-vEyIiGDh04c3S8eBHGhUE6rF2MedPmxZkydF7EgLEWBkwZP-ikaVOmB9kcMMHLaHlDM5c61GXYCENnTI8ZlzPfOJ9-PRwxPYQkwSOjSI0zc5gBxxFFZKHGHFLUUcR0Q6hRBgxoZDHHHVqoYQQNNayxBBVxyDGFE18s0YYcYgiRhx5fPKEGE3dkQUUSX-ThBBZp0IAFQmpMMQUUbYQRBRxFtPCGEUjoMccZT6yBBxlo5JEGHm3UUARwb9CAxBhP2OAEGnFA8cURX9SQBRo43JFUGGIsEUUYSERB0xxTKMEmHTHM8cUZVSRBhBRVpDEXHG149tAbgAoqAhnMZSQHHWKEJodyiT40BnsLbdFQVCLAIUdVOlQERxh5tPEGGQvhAANonekAgwvU1fCQHHZUZlhudfipgwg5LAWbDGOU0UINZohhEg1mjDFDC2Lk6pUNW8EgxndmlGHTXGlUJsIMN7hAAw4u5KptDnPJ8UW1GWGrLbfeNjVXHWFk1MQbeqTBBhthvFADqyCgcEUabiB6xxwgOEEFCNOxugMI-7phAw0H47FwCiAEMRgbZVwh7RJpRPdWtrDluwQSVDTBBAsgsJHGGmWAcEQZY6zxBsRDoCEHc2VIxxSrLtSA2b05wADCFGGAJEca9poL21xjcCqCE0zM9Ya4SWfE9FxsKD31QwfZ8YUcZbBBkc41kIVDUqeKIMcZo7mmc0VZfyGGHKViXYbWopLqGg5MYT0zRYMKRcNeM-ORx0J_m80Vb74BJ9wLizbqxqPLNTfXHLAq-gYd7D3dQh1uZPzrDC6QMdNOWCt90Bei0zQXHYF2agMONSzcUA6uWtTGTq7DLrthNbQqFRlblzEHHF9QmnvsNMxeOJqMHcrVVGxMtFfVC5U9Rmsw9KFAQA%3D%3D&s=4b1759cf494fbecdfe80f67f2afb6f3143ef1b8e7070c2fe829c1edeb37c5d111685643195&w=t&r=1&d=570&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H/1.1	206 Partial Content	1060063_video.mp4 hw-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/ Frame 3349	458 KB 459 KB	35ms 35ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815815/1060063/1060063_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=CKTf1AdkbXshuKpKUYSCjGXIGN3K2Y9adB8Njfpg3KWM7dDoSvloADGk_OQMYL1jNbBZqRBkRrrPK9PextR4A0XacEJMQ6D-LdoPFKNF7DCjW2uoUjifzawUo2RBw2PXSA_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash f18ee58ffc097c2a84c6f8f9b16d6751ca960ee5e9a71c6f7078174e7609dbfa Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Fri, 17 Feb 2023 17:00:28 GMT ETag "1676653228" X-HW 1685643195.dop254.am5.t,1685643195.cds235.am5.shn,1685643195.dop254.am5.t,1685643195.cds223.am5.c Content-Type video/mp4 Access-Control-Allow-Origin * Content-Range bytes 0-469342/469343 Cache-Control max-age=10552708 Connection Keep-Alive Accept-Ranges bytes Content-Length 469343
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame EFA2	24 B 122 B	59ms 58ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XMMBPjhowwYsS0mDEGBowWNMbEMNMih4wbYVqQwVGDBg2aYWDMjCHi4Rwxacgo1LFFhIwYM2jAoBGDRg4bIro8DFNnTMYZOJDCuGFGJI4xTlHSmCGjRVYyIhuSGaMyR84ZN3D0hEjGzkIbT2U8hFNHDEUZOW5MhQOHYowcOWb4hDNRB1wbSG9UFDGmTWEdNGTMqNFxKhkzC18-FOPGTegbLjXTeNjGDUYdL2fg3dv6ddMYMXA8rMNTx0A6dODM0fHiRRgXBum4djHmTZsXZ8rQeRHDZHUZmX_QSdOmTI-GLp3KkIEDh8cbXOqYlGEjDJ0xPTJv7ph-fXs4YnpcSVIETREkcIxhBx01kJHEFVlAYYUbahBxGBt2jAGFEGFoIQYNSazRQhwSzrGEGE0QIQYURz1BBBNkVMWEGmqQ0QISdGRxhx1R0FHHFGx8YUQQScgRwxxs6CGDFDGcIYYaZUyBgxVCxNBEEESMcURSdQSRBxFBHDbEdjLYgcMaQeiBxRVVtJFFEHHMEAMcT9RwRRhyVEHEG08E8cUZVSRBhBRVpDEXHG2E9tAbgAoqAhnOZSQHHSG5IQdziT40hnsLbaGmVCLAIYdVsMGwVxh5tPEGGQvV4KkIYoCmAwwumOSQCHLYcdlhu9Xhp281zCDGDDDMQEYOZtVgRg0ofTRGsGOIxFkNNYTxkQ04rBXGXGlcptENLtzkQg40ZJvDXHJ8Ue1V2GrLrbdz1TGtb028oUcabLARxgs1tAoCClek4Qaid8wBghNUgFBdqzuAkK8bNtBQMB4JpwBCEISxUcYVZYixRBrT5YqtbPcugQQVTTDBAghspLFGGSAcUcYYa7zh8BBoyOFcGdQ11aoLNdyw2bYwgDBFGGbAmQa9cLkg21xsZeQEE3O9EW7Svi09FxuciiD1QwfZ8YUcZbBBUc7L4qDUqXKcYRpsOU-W9RdiyLGQboeWobWopMKW1WqHykzRoEPhrekbeOSxEN5cq_pbcMMVt2ijjzb33FxzxKroG3S453QLdbiBcQs15ODCWjHIMNdaGR30BeiiWxQoQ9DWkLCa3KouOus0vX4YDdCeatDWZcwBxxeU0u76WLdPJUZjcQddBxsT7UX1QqeO8RoMfSgQEA%3D%3D&s=3fb81d2ba5d3f6d371f0b2f3315bca3859caec1262b3d7f2e42aba2d6170c2631685643194&w=t&r=1&d=1003&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 948C	24 B 122 B	57ms 56ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0WIIUMDRhgZZXK0wCHGTJkWNHKMESkmTA0aLWDcIBOmTAwaZGTOFPFwjpg0ZBTq2CJCRowZHWnczGFDRJeHYeqMyUhGBg0zM8KIgTlGxpgaKG_EsDEyxtYWObDSmAGjhhkaN8rc4AmRjJ2FNpjKeAinjhiKMnLcgAoHDsUYOXLM6AlnIsMbNo6KfTimjWEdNGTMqBFjcF0zC2V4FuPGTegbOWRopvGwjRuMOkTPyMvXNeybMWLgeFgnRkY0dOjAmaPjxYswLgzSee1izJs2L86UofMiBgwY1q3K-EEnTZsyPWLUSJ1SNQ4cN0RzqXNdho0wdMb0yLy58_r27-GI6ZHHCRo9Q6gRhhZRELHEEWRYgYYZZF0hRRBaWMGEFnc4IcMUTTRxgxExjJEFDG4MIccMTzTxRBl1qEGEDDDIocQaTGCBHgxQsBFFFk5ocYMUMxlxxR1KpFGHEGzMQEQSZOAABRZnQJHGFGXEUQURQuCwBAxJlIGGGDkwwUYORuSARQttSDGGFkrIMAQeeozxhB5QXJFHFUcU0cSSLCbxxRlVJEGEFFWkQRccbYT20BuEGioCGc9lJAcdYpAmR3ONUgbfQls09JQIcMgxVWww8BVGHm28QcZCNYSqEWg6wODCdTU8JIcdlyHGWx2C6iDCDDMYNV4OMLFIwxgoHRUGWjikNFIOVdnUkhii_fVQGpfteoMLNODgArDY5kCXHF9Qm9EM12a7LQ3d0lVHGBk18YYeabDBRhgv1PAqCChckYYbjN4xBwhOUAGCda_uAIK-bthAg8F4KJwCCEEUxkYZV5QhxhJpUFcDuS7Mhu8SSFDRBBMsgMBGGmuUAcIRZYyxxhsPD4GGHM-VUd1Nr7pQww2bbQsDCFOEYUYYcqRRL8ez0TXGpyI4wQRdb4C7dEZO08UG01U_dJAdX8hRBhsU7cxZDcleJ-sZpsW2c0VbfyGGHAvttmgZXJd6amw43KQ1zRQdKhRrnNKMRx4LAe41qwMFN1xxLzwaqRuTOgcdXXPM6ugbdMAXdQt1uJFxC2S7QMYYMchA1-hUlfHF6KXTRUehOoyFQw0KNwTsQ6-bHrsNs9eOWEqzQ0VG12XMAccXl-7e-1q_QyWGY3MPXQcbE_F19UKqjgEbDH0oEBA%3D&s=f1d5b1509501af5c943a0a13102e27bdf998760a907feafebdd02741b384d1371685643194&w=t&r=1&d=650&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H/1.1	206 Partial Content	1061051_video.mp4 hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame DDA8	394 KB 394 KB	22ms 22ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=1MMU9hL_N3YscQiFLTdoqGqZoJXiYt0nyXPsEhtFZz2tqAWX0Wb4_lDNWYscDjLIewvrknqu8cP2pk9Kb2qT5XZJ7WbGid8Gox3JQ4KIl5LyyF7ItgwZkgY3N7wT_akBdMo_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:41:55 GMT ETag "1678124515" X-HW 1685643195.dop202.am5.t,1685643195.cds286.am5.shn,1685643195.dop202.am5.t,1685643195.cds223.am5.c Content-Type video/mp4 Access-Control-Allow-Origin * Content-Range bytes 0-403141/403142 Cache-Control max-age=10466922 Connection Keep-Alive Accept-Ranges bytes Content-Length 403142
GET H/1.1	206 Partial Content	1061051_video.mp4 hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame BBE5	394 KB 394 KB	23ms 22ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=307327&apb=fRVNNqaPZYC12KAocKdAGCQyNxliYWcoNZjdgh56FL_-skG56Da-grPJyGledp2XGNA5wodIsgAVdv98hjq1XLz2Wv3JxiLoEWENvO7sNJApFVf0QPyyVRuLAB5Pg1N-W8k_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:41:55 GMT ETag "1678124515" X-HW 1685643195.dop230.am5.t,1685643195.cds324.am5.shn,1685643195.dop230.am5.t,1685643195.cds223.am5.c Content-Type video/mp4 Access-Control-Allow-Origin * Content-Range bytes 0-403141/403142 Cache-Control max-age=10466922 Connection Keep-Alive Accept-Ranges bytes Content-Length 403142
GET H/1.1	206 Partial Content	1061051_video.mp4 hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/ Frame 243E	394 KB 394 KB	23ms 22ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/2/1554/815876/1061051/1061051_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=265283&apb=4jXawqrYemlDUxhHpjnajc9ykPMIhfpvall1f-O6e2P6f4LneCPQXlYq6GjjPTjAlipZgrKCPWMAHPiCTqpOy8FO__3Wh0dWGAffWg0aSb2Qw_38ikQRb8PGjL53qzB1IQ_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 70a3000a2795c914ed72c21a5b9d9a5d25140b933c931b90a7ff40a854daff69 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Range bytes=0- Response headers Date Thu, 01 Jun 2023 18:13:15 GMT Last-Modified Mon, 06 Mar 2023 17:41:55 GMT ETag "1678124515" X-HW 1685643195.dop004.am5.t,1685643195.cds201.am5.shn,1685643195.dop004.am5.t,1685643195.cds223.am5.c Content-Type video/mp4 Access-Control-Allow-Origin * Content-Range bytes 0-403141/403142 Cache-Control max-age=10466922 Connection Keep-Alive Accept-Ranges bytes Content-Length 403142
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame D2E9	24 B 122 B	38ms 38ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XUuDEjRw4ZM8a0oHGjBpmRMMjcaIGjxhgYLcaYAWkmRhgYNHDAmCHi4Rwxacgo1LFFhIwYM2jgjEEjhw0RXR6GqTMmY4wbNmgcDGOmhZmIYUbasCGjRY4bN2K0yBomjE4ZNmCU2dgTIhk7C204lfEQTh0xFGWclQoHDsUYHmf4hDNRxwysSNM-HNPGsA4aIGtclUrGzEIZNx6KcePm842PIGk8bOMGow7QM_T2Ze2aaYwYOB7WiZERDR06cOboePEijAuDdFq7GPOmzYszZei8iAEDBnUZmH_QSdOmTI-GH5vKkIEDxw3QXOpUhxuGzpgemGdovpF-vY0wcMT0UIOnjRQZc8SxxhlyvGFGHDLcEQcUbSgRxRFQEBHFFGl8kYQRUtjxVwxXXIHhGmx84VsYCDnxhRxm2FDGDWMQEccVZORQnRRDXJHFFXUkUYcdVpShExYyPCEEFdQxEYMbT5BBBxVE3JFHFWPY4cQMcZihhRthyEHEHE_cUMcXS0QRBxs3oFFEGzXkUMcdWORwBw1QuKHHHW4ccccXZ1SRBBFSVJFGXXC08dlDbwQ6qAhkNJeRHHSIMZocyyk6WXsLbTFDDFGJAIccVb0GQ19h5NHGG2QsVMOnIojhmQ4wuFCdQyLIYYdliOlWx586iDCDXGOcl9JamtkwUgyOtiDGeV2NEaOPYYx3Fg28PZSGZbre4EJOLuRAw7U51CXHF9Nm9Ni1OGS7bVN11RFGRk28oUcabLARxgs1uAoCClek4Uaid8wBghNUgECdqzuAkK8bWRWMR1YpgBBEYWyUcUUZYiyRhnQ1jBvbvUsgQUUTTLAAAhtprFEGCEeUMcYabzQ8BBoFdjcdU666sJF82cIAwhRcZZkGvRo_NVmnIjjBRF1vfDsG0UbXxQbTRz90kB0nlsEGRRtpVgMOSqEqxxmlvbZRRYiWQbUYciyUW9lUj1rqazgwJXWBFBE6lGqaFohHHgvhLUcZqw70W3DDvcCoo25Aypxzdc0h66Jv0NFe0i3U4cbFLdBMxhgxyFDX5hkd9MXmnddFh6AM2dBSVpdqa1Ebnqe-Og2tk2RDaHZVPQccX1Aqew2sI4Z3GGI0VvZXdbAxUV9PL4TqGK7B0IcCAQE%3D&s=b5f25bedd6e69997c6685e80a7681d5fc0e063886ad3c15c5928f864dd1b812c1685643194&w=t&r=1&d=954&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame D628	24 B 122 B	31ms 26ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0WQEUNmBhkbM2i0uEHGYAsaMEi2CCODDI4WIQuWIVPjI00YIh7OEZOGjEIdW0TEyFHDRo0bM27koCGiy8MwdcZkrGEGBwwYNSK2KBODjJmTY2CIDGNmZosxNXKQiVGGRg4xNGjmhEjGzkIbOWzIeAinjhiKMnLceAoHDsWhOWbohDOR4Q0bMZJWHNPGsA4ZRmXgUEzXzEIZg0WIceOGYg4YM8TuFdHGDcbLSPHybf06Bo0YMXA8rBMjIxo6dODM0fHiRRgXBum4djHmTZsXZ8rQeRHjanUZNGT8oJOmTZkeMdJizyFDM44boLnUuYo5DJ0xPTDX0DxDPXsbYeCI6YHlix0mV-AxxhNJ2LBEGjkg8cQcdbhRRRlZtLGGHgc6YYcQaOSRgxNWSCGDEnhYoUcabiQhBh1zvEEGGjHkcQMeRcwQhBY0HAFDGTLAQQYTeUxxQxQyqDFFFHiUAcUYS9jRRhRtEBEGDmLEcUMWcmDxxhdOOCEFDXXkFQQWZkwhhAxVCAEDEkMIocQSgg0xQxZljBFFEngYgYQaVGBxxxdnVJEEEVJUkcZccLTx2UNvFHqoRs5lJAcdYowmB3ONPjSGewtt0ZBTIsAhh1Q6VARHGHm0oeJCVj0khmc6wODCVTU8JIcdlg21Wx2D6iDCDDPIEF4OS7Ugg1hjnBRZGC3kgINbLeCglgxciRGGGKD99VAalu16gws04ODCUtzmMJccX2CbUVLceguuW3PVEUZGTbwxIhtshPFCDa-CgMIVJJLxxh1zgOAEFSBU9-oOIPDrhg00IIwHwymAEERhbJRxRRliHDhdDejOYIO-SyBBRRNMsAACG2msUQYIR8S5xhsRD4GGHM6VQZ1tr7pw1Az4ngbCFGSFIUca93Zsw1xjgCqCE0zM9Qa5SWfE9FxsKD31QwfZ8YUcZbBB0VE1hLfsVbKeUdplR1WU9RdiyIEq1mVobSoZn-FgG9Y0U4ToTzTwRTMeeSzUtwhcszoQcMIR98KjkboxaXPPzTXHrI6-QYd7T7fQYBp0wIQvGWPEIMNcoGd00Begiz4XHYaGagMORdHQ0FIPsT6667AzPLtbNehG19ZlzAHHF5jiHvvuT51oehlmQMXGRHxVvRAMlr4GQx8KBAQ%3D&s=c666f6256ea5addef655e07a7eef43e60c74cf7ad75e2e006bf37cd822cef7541685643194&w=t&r=1&d=693&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame BCAB	24 B 122 B	40ms 35ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XcCDNjRo0wNG60oFFjDJmRMWzUaCFmhhkbLXCQiQGDRhkzZWSYIRNGxMM5YtKQUahjiwgZMWbQqBmDRg4bIro8DFNnTMYxZWjQkDFGxoyYNm7EGOlURkwxNsK0SPrRTNMyMMbMgOETIhk7C208lfEQTh0xFGXkuDEVDhyKMXLkmPETzkSGN2wkFftwTJvDOrZ6jEHYrpmFMjqLceMG9I0cMrzSeNjGDUYdoWfo7dv6ddMYMXA8rBMjIxo6dODM0fHiRRgXBum4djHmTZsXZ8rQeUETBk0ZW3_QSdOmTI8YNVCXlYEDx43QXOrAgCEjLZ0xPTTX4Jx-ffswcMT0IJIkDhEZR-Thhhp02LAEES2EscYaRUgBwxoyRFFEDFSkkQUUVNxBxhFOGLFGFUn914IZcwRBBR5XQDEGEkU0UQMaTqShxBNSJMGEWr8dwYQbWrwRhh11QIEDDW_QQUQUWgwxRh0tBDEDEUYkUcUcRdRARBZLmAFHGWcMgUQbSsQRAxpfzmCHHWPEMAUZdeCxhhZKxKVGFUgoscQaX5xRRRJESFFFGnXB0QZoD70hKKEikOFcRnLQIcZocjC3aGVhPLZFQ1KJAIccVsEGQ19h5NHGG2QsVMOnIojxmQ4wuLBeDQ_JYQdmie1WB6A6iNARUuHlQEMLMtQ0BkozqJXDkDnElAMZMpQRgxhhiBEaYA-lgZmuN7hAAw4u-KptDnXJ8YW1Gc2Q7bbd0vBtXXX0lGsTb-iRBhtshPFCDa6CgMIVabih6B1zgOAEFSDQ5OoOIPDrhg00IIwHwymAEIRhbJRxRRliLJHGdDWY64Js-i6BBBVNMMECCGyksUYZIBxRxhhrvBHxEGjI4VwZ1DXlqgs13OBRtzCAMEUYZoQhRxr3eixbXWN0KoITTNT1hrhNZwR1XWw4ffVDB9nxhRxlsEFRz_PVMOR6sZ5RGmw9V9T1F2LIsZBuiZbh9ailwoZDU1zbTFGhRK2mqc145LGQ4GCvOhBwwhH3QqOPuhFpc8_VNYesjBZZ6dQt1OHGxiPJ4AIZacpQF-kZHfQF6TGY_hAdg-qQEg41MNyQr6-3YbrsNtBue2IhLTYVGV-XMQccX1RKUe-103C74NE-VnfRdbAxUV9ZL4TqGK_B0IcCAQE%3D&s=fb121ddfadf34e2640e3f4037e059f00049ca94698114b31d0ceb04e27307f801685643194&w=t&r=1&d=949&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 7415	24 B 122 B	731ms 727ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XUsAHDzIwbOca0qFFmTJkWNGTciNEihxkbNFq8DFPyBhkzMmTAFPFwjpg0ZBTq2CIiBg0bNWbAkIFDRg0RXR6GqTMmIxkZEWeMidhizA0bOFCKCRNTTFMxLQrKwHkDZI4cYWDwhEjGzkIbOWzIeAinjhiKMnLckAoHDsUYb2f0hDNRx0cbMT5WFDGmjWEdKWfUiDGYrpmFKh-KceMGNMicM2g8bOMGow6VM_DyZe3aaIwYOB7WiZERDR06cOboePEijAuDdFq7GPOmzYszZei8iAEDBnUZKX_QSdOmTI-GObCHZ4rjhkoudarrDENnTI_Mm2-gV28jDBwxPcoIITJDi4w6eGRhhxNRYFFHEGjg8EUddeTRxhNNtEFFFHBQocYSTtzARh05UKGFFFCowUYOeARhwxBn3LBGHmLMYEYdV-AQBxpDzCEEE04sIYYMY1ixxBpoVEHEFTQUkQUeVZwBxR1MLBGFFUXQUQYWLbSABoVEWBHDEk-swYYTbBxxhhxNuBHHFUidscYScrSGxxwzyLCGFG00kUMUWXxxRhVJECFFFWnMBUcboD30xqCFikBGcxnJQYcYo8mxHKMPbdXYFjPEEJUIcMhR1Wsw8BWGg2-QsVANoYogxmc6wOBCdQ6JIIcdlyGmWx2B6iDCDGKQ4dIYMJCB0gxlzIASRzHhIAZHMo0hRrBh2GDDsjD89VAal-16gws04OBCDjRwm8NccnyBbUYfcestuOLOVUcYGTXxhh5psMFGGC_U8CoIKFyRhhuL3jEHCE5QAQJ1r-4Agr9uwKQwHjClAEIQhbFRxhVliLFEGtIltW1s_C6BBBVNMMECCGyksUYZIBxR0hpvSDwEGnI0V8Z0Rr3qQg03aPYtDCBMEYYZYciRRr7pxjbXGJ-K4AQTc71RLtMZPT0XG01b_dBBdnwhRxlsUMTzZjXgQEN1D8lxRmmv8TwZ11-IIcdCuSlaRtdtlAoaDkZtXTNFhgqlGqc145HHQoN_zepAvwU33AuOQuqGpMw5N9ccszb6Bh3sSd1CHW5wjFK4ZIwRgwxzlW5VGV-UfvpcdBDKEFgb0ZApuBa1gfrsONR-Ow0rTWaQ12XMAccX7FFEO0y_SyVGY3YTXQcbE_GF9UKpjuEaDH0oEBA%3D&s=3fe780e7dfa637293c984a51f6adc30b5f7c440cf703327d53cc9f73474840911685643194&w=t&r=1&d=1033&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1465302825&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	12628162 img.strpst.com/thumbs/1685643090/ Frame 6EC4	26 KB 26 KB	82ms 22ms	Image image/jpeg	2606:4700:311f::6812:3f7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.strpst.com/thumbs/1685643090/12628162 Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1983450489&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9eb1a502cd47df14746e266dce8284ededc8d416e6caccf4ff4c575373a56dd5 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT cf-cache-status HIT age 47 alt-svc h3=":443"; ma=86400 content-length 26349 cf-bgj h2pri last-modified Thu, 01 Jun 2023 18:11:57 GMT server cloudflare etag "275cbb4821a281706fd9f4bf2a6f257e" vary Accept-Encoding access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1 accept-ranges bytes cf-ray 7d096df6fa320a4c-AMS
GET H2	200	12628162 img.strpst.com/thumbs/1685643090/ Frame E80A	26 KB 26 KB	87ms 48ms	Image image/jpeg	2606:4700:311f::6812:3f7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.strpst.com/thumbs/1685643090/12628162 Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9eb1a502cd47df14746e266dce8284ededc8d416e6caccf4ff4c575373a56dd5 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT cf-cache-status HIT age 47 alt-svc h3=":443"; ma=86400 content-length 26349 cf-bgj h2pri last-modified Thu, 01 Jun 2023 18:11:57 GMT server cloudflare etag "275cbb4821a281706fd9f4bf2a6f257e" vary Accept-Encoding access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1 accept-ranges bytes cf-ray 7d096df6fa350a4c-AMS
GET H2	200	12628162 img.strpst.com/thumbs/1685643090/ Frame A63A	26 KB 26 KB	79ms 41ms	Image image/jpeg	2606:4700:311f::6812:3f7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.strpst.com/thumbs/1685643090/12628162 Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9eb1a502cd47df14746e266dce8284ededc8d416e6caccf4ff4c575373a56dd5 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT cf-cache-status HIT age 47 alt-svc h3=":443"; ma=86400 content-length 26349 cf-bgj h2pri last-modified Thu, 01 Jun 2023 18:11:57 GMT server cloudflare etag "275cbb4821a281706fd9f4bf2a6f257e" vary Accept-Encoding access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1 accept-ranges bytes cf-ray 7d096df6fa390a4c-AMS
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 129C	24 B 122 B	27ms 27ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XgkGEGxxgYOHC0uBFGjI0WNGyQodECB5kZMlrUmGGGhpkYNsbEKGNDhoiHc8SkIaNQxxYRMmLMoAGDRgwaOWyI6PIwTJ0xGceUEUNGDEwzLczYoIkyRo4YLcTUqJGjRZkbOGqU0VqDDA4bNX5CJGNnoY2oMh7CqSOGoowcN6rCgUPRbI4ZQOFMZHjDhtIbFce0YaxDBl4ZOCDvNbNQRmIRYty4oZgDxoymgUW0cYOx840ZfwXPrv00RgwcD-vEyIiGDh04c3S8eBHGhUE6tF2MedPmxZkydF7EgAFjuwwaMn7QSdOmTI8YbL_nkAEaxw3TXOpw9xyGzpgenmuAnhF_vo0wcIjRwxRfzICGEVHIwMQYZhBBxRVI5BHGGkrU4IYWZRyBgxlsXeGSGEp8gcQaaDxlhRh4WGHGFTmo4cQbVAThIBV5EKGGFUbcYAcOSKDBhgxBxNBEFVYQ4YQNMCxRRx55fPGFGF_QIIYUBtkxBQ1LUCHHEy08cUMOdlTRQhZSGHGGhDU6UYQZdDRxxxpzPEEHDmvMYGYcQ0BhhxpBfHFGFUkQIUUVaegFRxulPfTGoYmKQAZ1GclBhxipySEdpA-NUd9CWzRElQhwyIGVDhXBEUYebbxBxkI4wPCQGKTpAIML3NXwkBx2cGZWcHUUqoMIr831HgxktIAXTmVRmtZ7YI1BRg5l4BAGe4g5pVcanAF7gws04OBCDjRwm4NecnyBbUYzbNvtt-FCpVcdYWTUxBt6pMEGG2G8UAOtIKBwRRpuPHrHHCA4QQUI29G6Awj_umEDDQvj8XAKIASxGBtlXLHVEmlkN9O2uPW7BBJUNMEECyCwkcYaZYBwxFxrvEHxEGjIQV0Z2j1Fqws13LZvayBMEYYZYciRhr7puoCbXmOMKoITTOj1RrlNZwS1Xmw4ffVDB9nxhRxlsEFRzzWghwNTroogxxmrddZzRV0_KQerXJfhdaqrdobDU1zbTJGiRdEgmM145LGQ4GqXEetAxiGn3AuSUuqGpdNVp9ccuEb6Bh31Td1CHW503EJDLpChk09cO33QF6bHgLpFiJJqQ1wPN5SDrbD7JDvtNNheQ3enGfR1GXPA8cWmu9dQu1mIlzSZo4pbxcZEgmW9UNpj1AZDHwoEBA%3D%3D&s=61abcae3ad608dabaaf53655041853723495cdf6bda29bf60d9d50c761ab8c041685643195&w=t&r=1&d=661&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:15 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	12628162 img.strpst.com/thumbs/1685643090/ Frame 6EC4	26 KB 26 KB	72ms 48ms	Image image/jpeg	2606:4700:311f::6812:3f7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.strpst.com/thumbs/1685643090/12628162 Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9eb1a502cd47df14746e266dce8284ededc8d416e6caccf4ff4c575373a56dd5 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT cf-cache-status HIT age 47 alt-svc h3=":443"; ma=86400 content-length 26349 cf-bgj h2pri last-modified Thu, 01 Jun 2023 18:11:57 GMT server cloudflare etag "275cbb4821a281706fd9f4bf2a6f257e" vary Accept-Encoding access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1 accept-ranges bytes cf-ray 7d096df6fa3e0a4c-AMS
GET H3	200	core.632b1f6bbf8af8a4b6ac.js Show response creative.xliirdr.com/widgets/v4/Universal/ Frame FA79	3 KB 1 KB	23ms 23ms	Script application/javascript	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://creative.xliirdr.com/widgets/v4/Universal/core.632b1f6bbf8af8a4b6ac.js Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cec3e1b294aacb72051196b3da423f849d0c21c3a953712b59a00f3d56ac2d98 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&buttonColor=%23930606&campaignId=128029786fbed96fe880330bb083ecce41e122ba08e2711908bc9493ef368344&campaignType=smartpop&creativeId=2f2cf8c271b310e6a7160563a0f1ee432fa665a116dc0c291a081b2515848ba9&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&iterationId=30231&liveBadgeColor=%23ff0707&masterSmartpopId=0&memberId=oDboijKFWwRnjWttK82e7bunA-R-cFZsJsZyzjLgRFv7Cj-9vdovSzXRG_x70n1SknaFIY20kQ1nWtBvsS_EXouQ22dkKhxd7u-w6vOIWsb7EIE_gUIDRUi&p1=3761372&ruleId=0&showButton=1&showModelName=1&showTitle=&smartpopId=1548&sourceId=271333&thumbSizeKey=big&trackOff=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=22460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma public date Thu, 01 Jun 2023 18:13:15 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 May 2023 11:42:01 GMT server cloudflare age 8 etag W/"64748f89-acd" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=10 cf-ray 7d096df6dcc90c2d-AMS alt-svc h3=":443"; ma=86400 expires Thu, 01 Jun 2023 18:13:17 GMT
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 4CFA	24 B 122 B	315ms 314ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0WQITOGTBgZNXC0MJPjhowWNGKIORmxTI4WMGqEERMjTA0YZiKOEfFwjpg0ZBTq2CIiRo4aNmrcmHEjBw0RXR6GqbNTh4gZNUjiwEFjTAuDOcyghHEjRoscYszUaCFjDA0zMMLYwAFjBg4bPCGSsbPQRg4bMh7CqSOGooySUuHAoWg0x4yecCYyvGEjBtOKY9osZkh2howbUsmYWfj5oRg3bkjLgHE3R2ARbdxg1PF5hl_BsWfHSBkDx8M6MTKioUMHzhwdL16EcWGQjmwXY960eXGmDJ0XMWDAyC6DhowfdNK0KdMjRg3XNFzL2GryBpc62mXYCENnTI8ZnT-_jz8fjpgeclyRRwszIGHEGzGQ0cYTVjyBwxIwMMHGEzasgQYaVGShhBFhWHEFEjlc8VMeVxgxxBdWQMEaDjVU4YQcMgzRxB1D4GHDhXCsoYYeUuBABQxtpDEDjWdAoQQUT8TxBhJyhEFFGWwogYMdTiTRRhZmxAHFGEmEwYYRerDhhhRW2BAFHDa0YMMTQmiRRhM0JGFEHUeIcUcNb1yRxRh4ZNHEF2dUkQQRUlSRRl5wtEHaQ28kuqhG0mUkBx1inCYHdJE-NAZ9C23RUFQiwCFHVRXBEUYebbxBxkJ0mTaaDjC4oF0ND8lhx2ZG_VbHoVaVMcYNOORUxlo0lEFDGCiVkV0LYvhVxldj1DCDSzV111ZeaWx21Q0u0ICDC051m0NecnyRbUZMdfttuOnlVUcYGTXxhh5psMFGGC_UICsIKFyRhhtkvHHHHCA4QQUI2cm6Awj-umEDDQvbSEMKIAShGBtlXFGGGEukcZ203NrG7xJIUNEEEyyAwEYaa5QBwhG-rvEGxUOgIYd0ZWC3m6wuKIUVuDCAMEUYOcmRRr7p2pbXGFWJ4AQTeb1RLtMZPZ0XG01b_dBBdnwhB5QUKVWDeVxpV-sZqdGmVEVcfyGGHKxuXUbXqa5KGw67bX0zRYwKRYNgN-ORx0J_i_D1qwMRZxxyL0xaqRuXRjddXnPYKukbdNAndQt1uOGxmjG4wFEMMuTFUUYHfTF66Q_RoagOMcyFFA0NHdV6G6XDLvvDtd8kw2N6eV3GHHB8wanuLPJuVOEzSaZRGTnVwcZEgmG9EAyazgZDHwoEBA%3D%3D&s=9a8c1ea60962a18b3d0935bfbc7660287aac911bf28f76dd0d137637e2e3559f1685643195&w=t&r=1&d=662&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 04B1	24 B 122 B	247ms 246ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XAiLFxjJgbMVqECRPDTAsaJXG0yDHDxpgWMMLQuIGDBg4yNXOUEfFwjpg0ZBTq2CJCRowZNGCgpJHDhoguD8PUGZMRhxgxNJjSsNHiRhkaZU7WEBOmhRgbM1SS2VojTJkZOcSYicgTIhk7C200lfEQTh0xFGXkuBEVDhyKMXKw7AlnIsMbNo6CfDimzWEdMmzUkIFjRlQyZhbKICxCjBs3FHPAmKGUr4g2bjBivtEyR1_YsmOgjIHjYZ0YGdHQoQNnjo4XL8K4MEgntosxb9q8OFOGzguOG2HIoCHjB500bcr0iFEjx3bznHHcGM2lDgztNsLQGdMj8-bO7d9nDgNHTI80aeTQxBlo5JEGEnTgUAcReLghgxJqaGHFHEakcccXaJwxQxhu6HGFDFjksQQMc4xBBBNT1FADHm9EkYMRaqyBBhIRWuHGETIcQUQNRmihRxx40NFCHU8w0QYbLTAhxxKVqRFEDHloYQMSWMBwxB1nvIFDDU1EIWUUUxRBhhx25CDTEDY0gYcNd8RRxBNpqFHHEF9kEcaLVLRBRRRfnFFFEkRIUUUadcHRhmgPvWEooiKQEV1GctBxlRtyPPcoZfIttEVDUIkAhxxU6VARHGHk0cYbZCyEAwwPybUQDC68V8NDZF6WmG91EKqDCKyVMcZ6MJDRgmYxcIXSVWatZ9IYZOiEQxgyCHYDSnWlcRmvN7hgkws50KBtDnXJ8YW1Gc2Q7bbdfltXHWFk1MQbeqTBBhthvFBDrCCgcEUabjh6xxwgOEEFCBzFugMI-7phAw0Hr0lDCiAEYRgbZVxRhhhLpGFdDea60FK-SyBBRRNMsAACG2msUQYIR_i6xhsQD4GGHNGVcZ1usbpQA233qgbCFGHMJUca9nbcUl1jhCqCE0zU9Ya4SWfEdF1sKD31QwfZ8YUcZbBB0c41kFfTe7SegRpmO1eU9RdiyKEq1mVofWqqmOGgG9Y0U5SoUDT0RTMeeSzUtwhch7arcMQZh1ykk1YKnXR1zUEmpG_QId_TQ7qhcQuZuUDGGDHIUNfnGR30xeeh10XHoaLasOXCDeUwq0VtiN766zTEXsNqpBm0dRlzwPFFprfXAHtig4chhmONljFXHWxM1FfVr1ImGwx9KBAQ&s=457fc8213d738bf94f6d2be6720250f2adb4d6cb46858b57e5012b8cd665e0311685643195&w=t&r=1&d=599&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	12628162 img.strpst.com/thumbs/1685643090/ Frame E80A	26 KB 26 KB	60ms 49ms	Image image/jpeg	2606:4700:311f::6812:3f7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.strpst.com/thumbs/1685643090/12628162 Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9eb1a502cd47df14746e266dce8284ededc8d416e6caccf4ff4c575373a56dd5 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT cf-cache-status HIT age 47 alt-svc h3=":443"; ma=86400 content-length 26349 cf-bgj h2pri last-modified Thu, 01 Jun 2023 18:11:57 GMT server cloudflare etag "275cbb4821a281706fd9f4bf2a6f257e" vary Accept-Encoding access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1 accept-ranges bytes cf-ray 7d096df6fa3c0a4c-AMS
GET H2	200	12628162 img.strpst.com/thumbs/1685643090/ Frame A63A	26 KB 26 KB	56ms 48ms	Image image/jpeg	2606:4700:311f::6812:3f7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.strpst.com/thumbs/1685643090/12628162 Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9eb1a502cd47df14746e266dce8284ededc8d416e6caccf4ff4c575373a56dd5 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT cf-cache-status HIT age 47 alt-svc h3=":443"; ma=86400 content-length 26349 cf-bgj h2pri last-modified Thu, 01 Jun 2023 18:11:57 GMT server cloudflare etag "275cbb4821a281706fd9f4bf2a6f257e" vary Accept-Encoding access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1 accept-ranges bytes cf-ray 7d096df6fa3f0a4c-AMS
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 4D24	24 B 122 B	268ms 267ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XQMFNGho0YMGq0gGEmRowWNBrmaCGGxowwLUyOwVGjDIyQNXGIeDhHTBoyCnVsEREjRw0bNW7MuJGDhoguD8PUGZNRTA0ZN8bQyGGmBVYzMGmEgXEShxkcMlqEKQkjjA0bY2CIuUFmJ0QydhbayGFDxkM4dcRQlJHjRlQ4cCgWzTGDJ5yJOpZ-XFpRxJg2iXXQkDGjRgzDd80sxPpQjBs3o5nK4EzjYRs3GHVgnbH37-vYMVLGwPGwToyMaOjQgTNHx4sXYVwYpAPbxZg3bV6cKUPnBUiyMGRs_kEnTZsyPVRqz7EaB44bWLnUuekxDJ0xPTZ3_qyevY0wcMT0cJPmjhMZR8wQBRt1UCFFHXdQEYVJapBxRwtNmJFDFUS8McQac9igRQ1YEMEEFUKgN4YNTOSxxBRJnPEEG3jAEccTVUSBRhhfwLBEEVFcAQcbbzzxBhE15VFEGm4g8UYUTCzxRhhT2OAEGTmkgYYQOHxBgxJQCKFEEDyyEQMZT9CgBmxtOCGFEklQEYQVZkBRhBZQ0JDEF1fEIIMUQXxxRhVJECFFFWnYBUcboz30xqCFikAGdBnJQYcYpsnhHKMPjeHeQlvMEANUIsAhB1WywfBXGHm08UZdOtQgqghiiKYDDC7c5JAIctiRWVG91RGoDiLIEAYNNpRRwwxltFATDGOg9NYNLeQwFg0tMGWDGTA4u9lHOj2URmYiLOUCDTi40NS3OdglxxfbZuQtuOLSQK5ddYSRURNv6JEGG2yE8UINsYKAwhVELnrHHCA4QQUIIMW6AwgAu2EDDQvj8XAKIASBGBtlXFGGGEukUd2wN7hAm79LIEFFE0ywAAIbaaxRBghHlDHGGm9QPAQackBXhnW5xepCUp2JCwMIU6wVhhxp7OstbXaNAaoITjBh1xvnOp1R1Hax8TTWDx1kxxdylMEGRUl5VgMONNz0kBxnoCZbUpV5_YUYcizEm6JlfG0qqjLgkFvXOVNkaFCtdZozHnksVHjYrg4kHHHGveAopG5I-lx0ds1Ra6Nv0OEe1S3UwR8dI7lLxhh22nV6Rgd9cXrqFhHKkA00PaxpU7HLQBHtR7lUFA03mBQVGWCXMQccX1w6e-2-4w6RGJDhDVYdbEz0l9YLrTpGbDD0oUBA&s=3138f969dbd96236f2cfe4f1f6438d242a1836b27d70db021ca740a0051500ec1685643194&w=t&r=1&d=1100&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1956573794&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	12628162 img.strpst.com/thumbs/1685643090/ Frame E80A	26 KB 26 KB	43ms 41ms	Image image/jpeg	2606:4700:311f::6812:3f7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.strpst.com/thumbs/1685643090/12628162 Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9eb1a502cd47df14746e266dce8284ededc8d416e6caccf4ff4c575373a56dd5 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT cf-cache-status HIT age 47 alt-svc h3=":443"; ma=86400 content-length 26349 cf-bgj h2pri last-modified Thu, 01 Jun 2023 18:11:57 GMT server cloudflare etag "275cbb4821a281706fd9f4bf2a6f257e" vary Accept-Encoding access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1 accept-ranges bytes cf-ray 7d096df6fa3b0a4c-AMS
GET H2	200	12628162 img.strpst.com/thumbs/1685643090/ Frame A63A	26 KB 26 KB	47ms 46ms	Image image/jpeg	2606:4700:311f::6812:3f7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.strpst.com/thumbs/1685643090/12628162 Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9eb1a502cd47df14746e266dce8284ededc8d416e6caccf4ff4c575373a56dd5 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT cf-cache-status HIT age 47 alt-svc h3=":443"; ma=86400 content-length 26349 cf-bgj h2pri last-modified Thu, 01 Jun 2023 18:11:57 GMT server cloudflare etag "275cbb4821a281706fd9f4bf2a6f257e" vary Accept-Encoding access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1 accept-ranges bytes cf-ray 7d096df70a5f0a4c-AMS
GET H2	200	12628162 img.strpst.com/thumbs/1685643090/ Frame 6EC4	26 KB 26 KB	46ms 45ms	Image image/jpeg	2606:4700:311f::6812:3f7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.strpst.com/thumbs/1685643090/12628162 Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9eb1a502cd47df14746e266dce8284ededc8d416e6caccf4ff4c575373a56dd5 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT cf-cache-status HIT age 47 alt-svc h3=":443"; ma=86400 content-length 26349 cf-bgj h2pri last-modified Thu, 01 Jun 2023 18:11:57 GMT server cloudflare etag "275cbb4821a281706fd9f4bf2a6f257e" vary Accept-Encoding access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1 accept-ranges bytes cf-ray 7d096df70a630a4c-AMS
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 7D2F	24 B 122 B	256ms 255ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XEwAGjRpgaY2C0IJNjBo4WNMLgkNEiB44yJ8OICQPDTJgcMcLkLCPi4Rwxacgo1LFFhIwYM2jAoBGDRg4bIro8DFNnTMYYN2bkIEMGhpgWWF-itDGmTIswSlmSuYkDx5icNMTMuNETIhk7C208lfEQTh0xFGXkuDEVDhyKMXKU9Alnoo65NpDeqChiTJvDOmTYqCEDx4ypZMwslEFYhBg3bijmgDFjKV8RbdxgzJxVb9_Ys5vG2PiwToyMaOjQgTNHx4sXYVwYpCPbxZg3bV6cKUPnRQwYMK7LoCHjB500bcr0aJhje_nOOG6Q5lIHu-YwdMb00MzZM3v3NsLAEdMjjQ0mM6zxBRR0zFGDG2vEgUQTbgShBRQtBBFHDlMUOMQacpDxBRxSqCGDG1bEMYUUM0ixBhE25GFEFXSMhEQWMlgBxxB53DHHFEzkQYMQcyQhBxZFVBEEHES04IYNRJBxRx1BwBCGDG3YQUcMTUxxhhA0QPHGZkegwYQWcUTxBhtmYJGDFGwUIYUYTyBBxRx0YLGGWy1QscYaasAQxBdnVJEEEVJUkUZdcLQx2kNvFHqoCGRAl5EcdIhxmhzOOfrQGPAttMUMMUglAhxyWMVQX2Hk0cYbZCzE0UNiiKYDDC5g55AIctiBWWK91TGoDiLUQEMZZchQwwxhgBXGDWOgVIMZM7R0A1ktmMFRea2akYMYZMxQVxqYiTCXCzTg4EIONICbQ11yfMFtRt-GO265TtVVRxgZNfGGHmmwwUYYL9QQKwgoXJGGG43aCIITVIBwXaw7gCDwkTQ0jIcNNKQAwpBwsFHGFWWIsUQa1Q17gwsz2ADwEm42wQQLILCRxhplgHBEGWOs8YbFQ6AhB3RlWNdUrC7UkJW_q4EwRRg2yZFGv9-WXNcYoorgBBN1vZEu1BlNXRcbUWv90EF2fCFHGWxQJHQNDeGgFAwPyXFGapkJTRnYX4ghh6pflxH2qalmhkNTX-9MEaJD0dDXznjksZDhtJbh6kDCEWfcC5BK6galz0VX1xy1PvoGHfBZ3UIdboDcgg0jk_GWDHWpntFBX6geA-sWGcqQDTjUQDGn5NbO-u25754YDbh_ZpfYZcwBxxeZAq87DbwzLpNjjDpOFRsT9cX1QmxXNhsMfSgQEA%3D%3D&s=e38664716281e49c80f6209d8ec2aea354481c2769dbcfe0cd938ea47c52fd5f1685643194&w=t&r=1&d=1109&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame D368	24 B 122 B	253ms 252ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WYoWFjjAwbZcS0yDGGzI0WNHLUyNHCYI0YLWbIqAEjTI4wM8zAqHFDxMM5YtKQUahjiwgZMWbQgEEjRkobIro8DFNnTEYaM2aUMYNjho2ROGiQQTnGRpgWYsaEkdFCxpiVNG6YrCGGjAyfEMnYWWgjhw0ZD-HUEUNRRo4bU-HAoRgjR44ZP-FM1DHjho2kNyqKGNNmsQ4aMma8RJzXzEIZpMW4cXP6Rg4ZoWk8bOMGow7UXnMEpm3baYwYOB7WiZERDR06cOboePEijAuDdGq7GPOmzYszZei8iAEDBncZoH_QSdOmTI-Gr1PCxoHjBmoudbp_DENnTA_QomPcgC_fLBwxPeRBxQ1vwCCGGERkIQMUeYhxBB1ELNFQDW4cgccRM-QxBhxV6HFcDWikccQbZ1AhxhxN0CEHEXAooUUNONRAhRx1tFDGEGRAUcQYQzQRhBRywFGGHkNgoQYSbcTgxgxyDCEDGVeEUQUOdCxxhg1rvCFFC1sSYcMSTRBBBRNhoGGGEFTc4YYdc1xRhRNhrPGEGmaoEccQZaAkRBI4jPEFDF-cUUUSREhRRRp4wdHGaQ-9oSijIpBRXUZy0HGgG3JMN-lDak22xQwxSCUCHHJYdRsMgYWRRxtvkLEQTQ-JYZoOMLjQnUMiyGGHZ40JVweiOohQxhg34GBGGGXUgFIZNJxFQxncodVXnhHVoFUOMawFmlUPpeGZCJW5QAMOLuRAg7g54CXHF95mFO645Z6bEl51hJFRE2_okQYbbITxQg22goDCFWm4Iekdc4DgBBUgcGfrDiAQ7IYNNECMB8UpgBCEYmyUcUVIS6ShnbU3uOCVwEsgQUUTTLAAAhtprFEGCEcMm2XGQ6AhR3VlbOeUrS7wJFq5MIAwRRjHypHGv-F6hdcYporgBBN4vbEu1BlNjRcbUWv90EF2fCFHGWxQxNNLMC6Faq5nsHYbT5qB_YUYciwUXKRlhM2qq7fh4NTXO1PUKFGyjbozHnksVPjYsw50XHLLvVDppZlSZx1ec-hK6Rt00Gd1C3W4IXJMJZMxRgx3fR31QV-YjjpedCzKkA0xUgyquRa1cdfstWPVGEevTUWG2GXMAccX9FFEew22_z6VGJPhfWwdbEwUGNcLrT2GbTD0oUBA&s=de7df92fb393196d945c752ee7bc73553667ddbf0aebe5f67b75a525d0fdb7a71685643194&w=t&r=1&d=1122&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H3	200	models Show response go.xliirdr.com/api/ Frame FA79	2 KB 862 B	53ms 52ms	Fetch application/json	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.xliirdr.com/api/models?forceClient=1&stripcashR=0&limit=1 Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb3d3a01b8a715231ac2015fdff2fc2ff61e530941f883cc2eaaba61c53fb437 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT content-encoding br cf-cache-status HIT last-modified Thu, 01 Jun 2023 18:12:54 GMT server cloudflare age 1 vary Origin, Accept-Encoding content-type application/json access-control-allow-origin https://creative.xliirdr.com access-control-allow-credentials true cf-ray 7d096df72cf20c2d-AMS alt-svc h3=":443"; ma=86400
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame CE44	24 B 122 B	255ms 255ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XAIBMmTA0zZsa0mCFjjJkWNHKEgdEihxkbLG-UFHMDhhkZZHLgCCPi4Rwxacgo1LFFhIwYM2jAoBEjpQ0RXR6GqTMmowwxNsSsHFMGJQ4YN1DSkIGjBY4cNcKO2XkjDI4bNsbMUNkTIhk7C23ksCHjIZw6YijKyHFDKhw4FGPkyDHDJ5yJDOEivVFxTBvEDMGSLGzXzEIZnMW4cfNZBgwcevuKaOMGow7QM_T6Ze26aYwYOB7WiZERDR06cOboePEijAuDdFq7GPOmzYszZei8iAEDBnUZY3_QSdOmTI8YNXJgF0_2LWgudarLsBGGzpgeMzSfTw9jfRg4YnqkYeJkxowsY2iRxAxK1BGFGFN0F8QdUlgBxxBjHHEHHmjA0UQTShihRhZCaOGGEHAwoQUcUNAARxhBzCCHEC3AkIcUX0BRgx16hTHFFza0IUcbZDQHgxNMUNFEGlG8dAMTRQQRRAxx5HGEHkmcQUQbSZCxBhtfYCGHEW2ccUWWbDgxhhpmJCGFEk2QEYMeWDBxRA53yKUFHUGoQcMXZ1SRBBFSVJFGXXC08dlDbwQ6qAg9CqqDCHLQIYZocizXXF1jtLfQFg1FJQIcclSlQ0Un5tHGG2Qs9NVDYnimAwwuVFfDQ3LYgZliutXx56L-HRVeDjS0YBoNIjE1Qxgt4ZCSWTmQIUMZMWglBmiBPZQGZiLMcIMLNODgAq_Y5lCXHF9Mm5G12GrLbUp11cHTok28oUcabLARxgs1tAoCClek4UaPd8wBghNUgEBdqzuAkK8bNtBQMB4JpwBCEIexUcYVZYixRBrS1UBubPcugYSQTLAAAhtprFEGCEeUMcYabzg8BBpyNFfGdE216kJaM9SbAwwgTBGGGWHIkQa9Gz_10BieigBkXW-Ai3RGSz_ERtJRI1qGHV_IUQYbFKVVA3jGVgfrGaS9llZFB2EthhymPpT2F6OW-hoOTbkdM0WEDkWDXzHjkcdCezNahqoD_RbccC80-qgbkTLnXF1zxJpRzHS013QLdbiBcYsxuEDGGDHIUNfnGR30xeeh10WHojHYgEMNCTfE60Ori_6p67DTIHtKlElFRtZlzAHHF5be_nrsigUehhiQWQ10HWxM5NfUC8FwtGsw9KFAQA%3D%3D&s=40b6019a155a68135b586b1cca09ceb746823de90b65b52e8ac24ef93242582a1685643194&w=t&r=1&d=791&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 5938	24 B 122 B	26ms 25ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0WIGWNmxpgbYm60yGHDDIwWNHLcOCnGTBkZLciQmRFGRg4yMMjgoGFGxMM5YtKQUahjiwgZMWbQgEEjRkobIro8DFNnTMYyLw_ekFGmRQyQYVCGyRE2DI0yInGYkVHDKY0aEWvM8AmRjJ2FNkjKeAinjhiKNm9MhQOHYowcOWb8hDOR4Q0bSW9UHNOmMEMYN2bIEFy3p47ND8W4cbNQhgwYOPLuFdHGDcbPmfPybf3aaYwYOB7WiZERDR06cOboePEijAuDdFy7GPOmzYszZei8iAEDBnUZNGT8oJOmTZkeMWrkwD5eBg4cW29wqVNdho0wdMb0mIFZs3r2MNyHgSOmB5UmSJRRBxIxGBHHG0bYwUYOTOCABRxE6IGGHXicQQMTRTRxBxFKzNCCEzI8EYUYTLAxgxFntNDEEFEcgYYTR4yBBRFhzDCFE1c8UYMRbyQxhRY35FGFFTdAcQYbSETBhhF4BNEEDGFkUceBOIQRxRlSjDEFHTfEYUcVRwxRRxpjnGEGFVEgQUcMWtTghBZYJNFlDmtcwcYadoimBxxFVPHFGVUkQYQUVaRBFxxtlPbQG4gqKgIZzWUkBx1iiCbHcpE-NAZ8C23RkFQiwCGHVTpUBEcYebTxBhkL4QBDaJ7B4EJ1NTwkhx2WHabbmBnl0NQMNsgwRlc1mCGGDSiZMYaHYvhKQws23FAGDGKEl4NLLdGVhmUizHCDCzTg4IKv4OZAlxxfbJuRt-CKS25KdNURRkZNvKFHGmywEcYLNcwKAgpXpOEGpHfMAYITVIBA3aw7gBCwGzbQ0DAeEacAQhCEsVHGFWWIsUQa0sn1LbD_LoHEf0ywAAIbaaxRBghHlDHGGm9YPAQacjRXxnROzepCDZn1mwMMIEwRhhlhyJEGv-wCS9cYpIrgBBN0vYEu1BlNTRcbUWv90EF2fCFHGWxQBHRbNexUna1nkPYZ0BWB_YUYcrT6dRlhq8rqZzg49XXOFC1KFA185YxHHgsRLsLYng30W3DDvTBppW5cypxzdM1xq6Rv0AGf1S3U4QbILcgwgwtkjBGDDHSlntFBX6S-Ol10JFqqDTjUEHFDvj5UO-u35777YSnNkFtdYpcxBxxfcBq87jTwrngYYjT2aBlI18HGRHxxvdCrIpT5fR8KBAQ%3D&s=580dc7d586c482aee8bdea4a668f33ab0bb6f4ef54f6934837978d033658513e1685643194&w=t&r=1&d=948&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame C67F	24 B 122 B	270ms 270ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XkgEGmxhgxZWS0KDPjYAsaZHKMaZGjzMcWNsbYsIEDhg0yYsLQKCPi4Rwxacgo1LFFhIwYM2jAoBGDRg4bIro8DFNnTEYYZcTkQHoDRgscY8rgOFnGRhmWY3CIpDED5I0cNXLgeMtzKhk7C208lfEQTh0xFGXkuDEVDhyKMXLkmOETzkSGN2xwrTimzWEdMmzUkIGDMUQyZhbKICxCjBs3FDfOWMpXRBs3GDHfmKG37-vYTWPEwPGwToyMaOjQgTNHx4sXYVwYpAPbxZg3bV6cKUPnRQwYMK7LoCHjB500bcr0iBF3ew4ZnOeO5lIHe-YwdMb0yLy5M3v3NsLAEdMDixooRQznBBNf5HHFGlnIUccc7WERHh43OGHDDTQ4AYcdUyQxQxNHoKGHFk_FsMQNazwRhhNnzEEDHjF8McUNc2AxBhs3TEFGHjS48QYRVcCgRhZtLNGEHWPQMAUMbyQhRxpBTFFDEGa0AUWHesCghBRn0FGDEE5gIQYTdbBxxBk3XGHGWXq4AQUMchzRhhl0wEVFE1osMcMZX5xRRRJESFFFGj2JAEcboj30xqCFikAGdBnJQYcYpsnhHKMPjQHfQls0JJWgclilQ0VwhJFHG2-QsVBND4kRmg4wuIBdDQ_JYcdlifVWB6A6aMQUbTKE1UINZohhw0lmjDFDC1rRQANMN5QBgxjk5XCmqoGmcZkIM9zgAg04uJADDdvmEKgcX1ibUbbbdvttuIHWEUZGTbyhRxpssBHGCzW4CgIKV6ThxqJ3zAGCE1SAcJ2rO4DQrxs20JAwHg2nAEIQhrFRxhVZLZFGdTWgS9u-SyAxJxMsgMBGGmuUAcIRLq3xhsRDoCEHdGVY15SrLtQwW74bgTBFGGaEsSS-HkNVqaciDBjoG-SOgbTSD7HxNBOBHmTHF3KUwQZFOtdAHg5KwRDrGahhpnNFVn8hhhynPpQ2qaZihkNTbs9MkaFD0dDXzHjksZDeImS96kDCEWfcC45C6oakz0UX6ByyNvoGHfAx3UIdbmzcwlIukDFGDDJUjfRBX3gOeqB0EPopTTU03BBcD6Ue-uo4tM5WYjW4ZxfWZcwBxxeX0m7764CHIcZjipYRdJgT9SX1QmKLMEZsMPShQEA%3D&s=3fcdc1abef5115c9a60152b697371e125e477a28e9911ec83f4411cc4553ada41685643195&w=t&r=1&d=792&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame E9B1	24 B 122 B	25ms 24ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XUgCFGRowyNG60yIFjxowWNGTksNGiY44YLcLkkEEj4owxZsjYsCHi4Rwxacgo1LFFhMcZNGDQiEFjpYguD8PUGZPRTIwZNsqMEXPyxhgbOVDagFFmZI0bNVqUsUFmDA0yNcjcuIEjR0-IZOwsBGtDxkM4dcRQVHkjKhw4FGPkyDHDJ5yJDG_YuHqj4pg2iHWknFEjRmG8ZhbK-CzGjRvRN2bKQPqwjRuMOkZjzfHXNWymMWLgeFgnRkY0dOjAmaPjxYswLgzSee1izJs2L86UofMiBgwY1mnK-EEnTZsyPWLUmNlUhgwcOG6M5lLnugwbYeiM6bG58w327uHDEdNjjJwYcVghAxpQSCEcFnXQEIQQVtygBQ53rKEHFHK4kQQOcrDRBBEwwDEXGU7gYMURclwxBxtO3GAFGUjAYccRYpgBAxFlzHDDHXPkgUcZMwoxBxQ0TYHEEWXE0YQaVuSQBFM3UMHGGVpIwURgWpxBBQx23FFDGXgUEUQMUERxRBtdZjGEHW0REUQQjMUxBBpLFFHGEViscccXZ1SRBBFSVJHGXXC0IdpDbwQ6qAhkPJeRHHSIUZoczSn60BjxLbRFQ1CJAIccVMUGw19h5NHGG2QstNFDMS4EgwvX1fCQHHZkphhvdfypgwgmeTReDjS0IINSY6B0VRgj4dBUC3WRIUMZMYgRRkc3CPZQGpnheoMLNODgAq_Y2vXqF9RmZCO22nLb1F11hJFRE2_okQYbbITxQg2sgoDCFWm4kSiOIDhBBQjWsboDCPi6YQMNA-NxcAogBHEYG2VcUYYYS6RBXQ3jYmXvEkhQ0QQTLIDARhprlAECkWOs8QbDb8rxXBnVMcWqC2dxti0MIEwRhhlhyJHGvBnzNGmnIjjBxF1vyPHFGEQbfRcbTR_90EF2fCFHGWxQdFZnNRh73atnnBbbWRVR_YUYciy0G6JlVD1qqbHhwNTULlNE6FA0_OUyHnkslLcIV4d2K3DCEWcco466Aalz0N01B6yLvkFHfEm3UIcbFrdQgwwutBWDDHe1ldFBX3gO-kN0CKpDDDbgUMPBDfGKehugr9766zTEni12UZFhdRlzwPFFpba7Drtifz8LGds818HGRH9BreqksMHQhwIBAQ%3D%3D&s=20e0bd1b00d117cc525f9c956a52ddee6fc458591cd5c454a722ff7f9fee3fcb1685643194&w=t&r=1&d=1102&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 12FA	24 B 122 B	286ms 285ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WUKYMDxw0zMWy0yDHDYwsaOWCMaREmRhiROMrUyHGDho0xNWyQkSHi4Rwxacgo1LFFhIwYM2jAoBEDpQ0RXR6GqTMm440YOHPYKLMyRhkbNU7eIJOjBY4wMlvcxGFmphkcZMbcCNMTIhk7C21olfEQTh0xFGXQlAoHDsUYOUj6hDNRx4wbNpBefTimjWEdMsDKwDFDKhkzC2XceCjGjRuKKWcs5SuijRuMmG_M0NvXNeymMWLgeFgnRkY0dOjAmaPjxYswLgzSee1izJs2L86UofMiBgwY1mXQkPGDTpo2ZXo0zKGd_GaPornUuZ45DJ0xPTLX2DxDPXsbYeCI6ZGmyRQyWNwwnB1BJIEFES0oIUQaUKThRhk5pGFDEWssUcQVNrSBhEp6SBFEDEfokUYYRiyhBIJ2DEFFHjGIEYcYRcxQQxw23ICDFlYoEcQUdSzRBhlyQEHHE1ZIIUQYajnxRRlQLEEGGWwkUUUUacSRRRNaIIFGlFnk4MYQdZABRR1qRAHDDFKsEcYaQhzxBBpxECEDFlfAMcUXZ-BZRRJESFFFGnXB0UZoD70hKKEikPFcRnLQIUZpcjS3KGXuLbTFDDFEJQIcclTFUF9h5NHGG2QshAMMpIGmAwwuXOeQCHLYcRlivNUBqA4iiAFhGOSZIcNIYzx20k1kmHUDDMW2NIYZObRVw5kb1ZXGZSI85gINOLiQAw3X5lCXHF9Mm5G12GrLLUp11UEXrk28ISIbbITxQg2tgoDCFQ4qesccIDhBBQjWtboDCPi6YQMNA-NxcAogBFEYG2VcUYYYS6RBXQ3WzmbvEkhQ0QQTLIDARhprlAHCEVyt8QbDQ6Ahx3NlVNdUqy7UIBu9KYEwRRhmhCFHGvNm_BRlnorgBBN1vQHuGEUfXRcbTSP90EF2fCFHGWxQZHMNDeGgFKqwnnEaZjZXlGgZVYshh6lTo_3FqKVihkNTU79MUaFD0dDXy3jksZDesJah6kDBDVfcC40-6kakzkFX1xyxMvoGHe4p3UIdblh8UrZxxcDT1EUf9EXnn4tAx6AM2YBDTjRguq1FbfCU-uoHu44tDKPZZXUZc8DxRaWzs267VGI0dnbPdbAxUV9QLwT2GLDB0IcCAQE%3D&s=5bd3a91df1740de3bd5997715f70945ccc1de621cd85b1559e170723cb2ceacc1685643194&w=t&r=1&d=1049&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	12628162 img.strpst.com/thumbs/1685643090/ Frame FA79	26 KB 26 KB	26ms 25ms	Image image/jpeg	2606:4700:311f::6812:3f7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.strpst.com/thumbs/1685643090/12628162 Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9eb1a502cd47df14746e266dce8284ededc8d416e6caccf4ff4c575373a56dd5 Request headers accept-language nl-NL,nl;q=0.9 Referer https://creative.xliirdr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT cf-cache-status HIT age 47 alt-svc h3=":443"; ma=86400 content-length 26349 cf-bgj h2pri last-modified Thu, 01 Jun 2023 18:11:57 GMT server cloudflare etag "275cbb4821a281706fd9f4bf2a6f257e" vary Accept-Encoding access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=1800, s-maxage=1800, stale-while-revalidate=1, max-stale=1, stale-if-error=1 accept-ranges bytes cf-ray 7d096df7dbfe0a4c-AMS
POST H3	200	view Show response go.xliirdr.com/thumbs/ Frame E80A	85 B 220 B	38ms 38ms	Fetch application/json	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.xliirdr.com/thumbs/view Requested by Host: creative.xliirdr.com URL: https://creative.xliirdr.com/widgets/v4/Universal/main.a2f20435696a25382b5f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68b93fc47a0d8389aa27deb5833093d00b4c45ef2b21e8eba57831c733664b08 Request headers Referer https://creative.xliirdr.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 01 Jun 2023 18:13:16 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare content-type application/json access-control-allow-origin * cf-ray 7d096df7fbc728aa-AMS alt-svc h3=":443"; ma=86400
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame D279	24 B 122 B	247ms 247ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XQMGNmRo0bYnC0KEOjTJkWNMaYEdNCDBkZZkbKqJHjhgwYBsPkwCHi4Rwxacgo1LFFhIwYM2jAoBGDRg4bIro8DFNnTMYaMmjUICOmDIwWNWbkoIFSjI0YLcK4PIkDxw0zMcQ4zVGmRpieEMnYWWjjqYyHcOqIoSij5lQ4cCjGyJFjhk84ExneODvjRsUxbRLrkGEDKw7Hec0slHHjoRg3bijmgDFj6V8Rbdxg3HxjRl_AsWc3jREDx8M6MTKioUMHzhwdL16EcWGQjmwXY960eXGmDJ0XMWDAyJ5Vxg86adqU6RGDZtYcMmS0tXmDSx3tnMPQGdODs-cZ7uHbCANHTA8jNGQhRBxRIJEEDDU0IYYUdcjBxBFpZPfFFFm8ccYUMtxh0BtoGAEHGjTE4ZYQQQiBhBtIkEEEDFTEtMYUeayRhAxUUMGGFm_g8QQScBhhRRBuQNHCEFUk8UUbeLhBxBxMGLEEEVI48QYWRQgRhRpSHCFHFHF0ecMdbXDkBBsgJVEHGXecEYYdcIQRxZUtKEFDHUpE0QQeUXxxRpFQVpEGXnC0MdpDbwQ6qAhkSJeRHHSIcZoc0Cn60BjyLbRFQ1KJAIccVulQUZt5tPEGGQvhAINpoukAgwva1fCQHGyq9lsdf-ogQhlj3ICDGWHUhRJJYfyaXUt9nRRRWGXkEEMY3Vn1UBqaiVCZCzTg4MJY1OaAlxxfQJvRtNVeS0O2eNVxl61NvKFHGmywEcYLNbAKAgpXpOFGonfMAYITVICQHas7gFCvGzbQEDAeBacAQhCIsVHGFWWIsUQa14V1gwu2zbsEElQ0wQQLILCRxhplgHAErmu8ofAQaMghXRnYNcWqCx95dC0MIEwRBq9ypAHvtLbhNUanIjjBBF5vcDt0RkbjxQbRTT90kB1fyFEGGxR9VEN5OCh1qghynJHaZh9VNPUXYshRqtRlUC0qqZvh0JTULlNE6FA0AOYyHnkslDfYZaQ6EHHGIfcCo466AWl00-E1B6yLvkGHfEm3UIcbFKM0LhljxCADXpxndNAXnHuOFx2CemoDDjUU3NBYD6H-ueqsu76YU61NRUbVZcwBxxeV0t46Da__rVZkiAZOFRsTAfb0Ql-PMRsMfSgQEA%3D%3D&s=a7b8fb9647a06b3c8d67af935e249be390efa29ca52bb02ee0f9b1fd386792d41685643194&w=t&r=1&d=1031&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 4ABC	24 B 122 B	25ms 25ms	Script text/plain	94.130.164.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0WMMRPmRsExMlrQiCGjjEgYYmy0CFMjRo4WZMLISHkDRhgYLmmIeDhHTBoyCnVsESEjxgwaMEbSyGFDRJeHYeqMyTgjx5gYY8iYidHCKg4zIsWQUflVDFgYNciICUMSRxgaNnRCJWNnoQ2mMh7CqSOGoowcN6DCgUPRZY4ZPOFMZHjDhtEbFce0IaxDho0aMnAghqh1oYzAIsS4cUMxB4wZSfOKaOMGY-UbM-7qZe06xsgYOB7WiZERDR06cOboePEijAuDdFq7GPOmzYszZei8iAEDJwwZNGT8oJOmTZkeMWrkwD4-M44bn7nUqW45DJ0xPSxj1qyevY0wcMT0qBGnDhQjRZyhxwwyXOFEC0c8cYMeUkTRAhVqsBGHDWzA0EQdSUhhBYJUJHFEG2vkcMcMNdAwBx1IrGFHGmpAAUcaTrRRhREyODEEHjSgEYcdbARxhBVVYAFHDWhcIQUZY4gRRBZxxIGZEm_AEeUddyiRRB1N5KDEFFjYkQUZTjSBBhtGtGCHHVIQUUYWcsgAgxpfnGGDGW5YQYQZdkQRZxVJECFFFWnsJAIcbXj2UJSFVvYQGc1lJAcdYogmx3KNPjSGewtt0dBTg8oxlQ4VwRFGHm28QcZCOMDwkFkLweBCdTU8JIcdlLmkWx2B6iDCDASGl0MONLTgJg1jiGRUGF3hsFQLOORARkkxrCXGZ309lAZlu97gAg04uADstjkIKscX11KlLbfe0gCuoHWEkVETb-iRBhtshPFCDa-CgMIVabjB6B1zgOAEFSBQ9-oOIPDrRlwI4xFXCiAEMRgbZVxRhhhLpCFdDTNoG5u-SyBBRRNMsAACG2msUQYIR5QxxhpvQDwEGnI0V8Z0tr3qQg2w4WsaCFOEwZEcadzbsQuxCTrGpyI4wYSgb4y7dEZOC8oG01UvWoYdX8hRBhsU8dxSDcpWJ-sZpFXGc0UHcS2GHKhqzXWpp1aGg22L1kzRoUHRoFfNeOSxkN8ieG1Gb78FN9wLj0bqxqTMOSfoHLM6-gYd7kXdQh1uaCysukiSJCiSGR30RegyCEpHojHYgEMNcTUE7EOrpw6q67DTIPtSMYBmUNdlzAHHF5je_nrsOUElxmIiHMRRHWxMpNfVrVrqGgx9KBAQ&s=8689165e12a37926feab76cefb7bc48ada15facbb0db2067849a0da13b3288df1685643194&w=t&r=1&d=1131&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=2134041496&categories={{ad_tags}} Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.164.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.164.130.94.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language nl-NL,nl;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp static.bookmsg.com/creatives/IN/	790 B 948 B	146ms 23ms	Image image/webp	159.69.161.138 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?mlf=1&cpa=9ff67bbc-1a5e-4384-b067-a10c06943982&mlc=1&format=default-slide-b_r-body Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.161.138 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.138.161.69.159.clients.your-server.de Software nginx/1.18.0 / Resource Hash e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT last-modified Tue, 24 Nov 2020 14:20:43 GMT server nginx/1.18.0 etag "5fbd16bb-316" content-type image/webp cache-control public, max-age=315360000 accept-ranges bytes content-length 790
GET H2	200	IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp static.bookmsg.com/creatives/IN/	790 B 947 B	146ms 23ms	Image image/webp	159.69.161.138 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.161.138 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.138.161.69.159.clients.your-server.de Software nginx/1.18.0 / Resource Hash e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT last-modified Tue, 24 Nov 2020 14:20:43 GMT server nginx/1.18.0 etag "5fbd16bb-316" content-type image/webp cache-control public, max-age=315360000 accept-ranges bytes content-length 790
GET H2	200	/ 9ea415bca3.0816086bd1.com/in/show/	0 201 B	93ms 43ms	Image text/plain	2a01:4f8:252:561a::2 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://9ea415bca3.0816086bd1.com/in/show/?mid=2620037575546448339&pid=0&site=native-push-adult&sc=NL&usage_type=DCH&subid=1165953372&sid=71672592&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0.018293992520889455&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=8.66.0&ver_c=&refdom=trans.firm.in&hostname=auc-inpage-hz-0-a&site_id=3113407&spot_id=13407&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-06-01&is_native=4&auction_queue=0&burl=ZUJ9ZP_osniuseay48yLrJ6O53t-PFUnZIhg0j_dByNQvRaM7HQHjA&pop_winurl=&ip=37.48.94.49&testab=0&px_id=3113407&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=pop-default&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.018293992520889455&placement_type_id=0&skin_test=0&verify_hash=12840932ceb2f4c341e3bed4ebb1e4c0&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1165953372%26spot_id%3D13407%26is_adult%3D1%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0.00039224084&user_fp=6922680713072813499&v2=1&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=5gjqm5u5DdKuoTG9HBUj2e8EZQj8QDnoN8JHoLyZ6s-__NunhKeZfR4obfUW_PcQVH8Q9iJtk-GXIAKvt7l3pxhGvMZ3Y0O93KuW7fCBPEIFJyBL8SwRVnFFKCmnXCEyAPc_Z8_el_SPV9O382bgcEQNMrIiNq_JqEi1auMM2Z6ZMQWv2w&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=2&vertical_id=0&real_bid=0&pr=&user_keywords=&auc_type=1&aid=0&ext_cid=0&device_theme=light&keywords=&label_ids=114,108,0&conditions=dch_ip,tz_offset&need_redirect_show=0&page=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&auction_time=1685643194&show_count=1&from_cache=0&mlf=1&cpa=910c3144-d45f-4619-ad4a-7216d22af6a3&mlc=1&format=default-slide-b_r-body Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Thu, 01 Jun 2023 18:13:16 GMT server nginx/1.20.1 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET DATA	200 OK	truncated / Frame 411A	483 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	177cbed865ace90cd245763dadef8805.jpeg cdn.adx1.com/ Frame 411A Redirect Chain https://eu.doctorpost.net/nty/metrics/save.img?event=impressions&bid-id=v2-1685643195076-7-9306-1214338-c5e63b68-7868-65e5-9734-00963751baff&img=https%3A%2F%2Fcdn.adx1.com%2F177cbed865ace90cd245763... https://cdn.adx1.com/177cbed865ace90cd245763dadef8805.jpeg	19 KB 19 KB	30ms 23ms	Image image/jpeg	149.6.163.10 COGENT-174
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.adx1.com/177cbed865ace90cd245763dadef8805.jpeg Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Server 149.6.163.10 Longjumeau, France, ASN174 (COGENT-174, US), Reverse DNS Software openresty/1.15.8.3 / Resource Hash b9ee7a723a5c9cea09029060301bbb7c0dc0f4338df7edb9f80ebb455d952c6a Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT last-modified Sun, 13 Nov 2022 16:29:15 GMT server openresty/1.15.8.3 etag "63711b5b-4a7b" content-type image/jpeg cache-control max-age=1209600 accept-ranges bytes content-length 19067 expires Tue, 06 Jun 2023 14:48:20 GMT Redirect headers location https://cdn.adx1.com/177cbed865ace90cd245763dadef8805.jpeg date Thu, 01 Jun 2023 18:13:16 GMT server openresty/1.15.8.3 content-length 0
GET H2	200	/ 9ea415bca3.0816086bd1.com/in/show/	0 200 B	77ms 43ms	Image text/plain	2a01:4f8:252:561a::2 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://9ea415bca3.0816086bd1.com/in/show/?mid=2620037575546448339&pid=0&site=native-push-adult&sc=NL&usage_type=DCH&subid=1165953372&sid=71672592&cid=12822&price=0.00066&is_cpm=0&cpm=0&ecpm=0.011369849407056293&crid=&crtid=4d0ed05dc7c22e462414663e1ad82397&tcid=0&out_id=0&ver=8.66.0&ver_c=&refdom=trans.firm.in&hostname=auc-inpage-hz-0-a&site_id=3113407&spot_id=13407&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1685715194&created_at=2023-06-01&is_native=1&auction_queue=0&burl=yVPs7t5yzUg1trBPIbLTAfgnktl_5AkjTBpOA1X2kif159XX9kgFwA&pop_winurl=&ip=37.48.94.49&testab=0&px_id=3113407&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=24a886906da5c54f6f10bfdcf9cf94e2fe1789f614b21736235ab49ece4ffb26&exp=1440&resp_type=&iabcat=IAB25-3&min_cpm=0.00834834498075129&placement_type_id=0&skin_test=0&verify_hash=d559618807e9e45fe480fdc9c5eafb9d&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1165953372%26spot_id%3D13407%26is_adult%3D1%26p%3Dhttps%253A%252F%252Ftrans.firm.in%252Fimg-640354e1dbc0c.html%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0.00066&user_fp=6922680713072813499&v2=1&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=S4lZj09n5LH_gDDMdqj7s6w37shXpNRYQFNGa_WFSFooPbZP_WxHtxQyF4AQwVLTXLOj51XRF5x-JYHD5YiNrHfLR3ymqB4U2CeOpPDxfBDCysrpYla9JcDTOld5EPkhBMuU4DWL_uRqlBBeSA0xg00Zw2Pq1rgA5CxpM4xMO7jyF9RRXBP_tnyHvjSOcbxe_fDwJn-VO8_qTKuKbHo7GlLap13e4Brj9AJS9jiPlx5TFgq5bXio4gepRC_jN9kdrMg_WUXytEDX3PwQcQv7Di1Sd_BCKtL80hIh9MBgs3hzvaPkzFnLc_cwn5bA32rFAKEQZ372ertJGNE&image_url=https%3A%2F%2Fcdn.adx1.com%2F177cbed865ace90cd245763dadef8805.jpeg&skin_id=2&vertical_id=5&real_bid=0.000534204&pr=&user_keywords=&auc_type=1&aid=3251&ext_cid=0&device_theme=light&keywords=&label_ids=123,4,76,81,5,98,101,106&conditions=dch_ip,tz_offset&need_redirect_show=0&page=https%3A%2F%2Ftrans.firm.in%2Fimg-640354e1dbc0c.html&auction_time=1685643194&show_count=1&from_cache=0&cpa=91765b74-1fe7-44f7-bc05-c36de6f8ce66&format=default-slide-b_r-body Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://trans.firm.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Thu, 01 Jun 2023 18:13:16 GMT server nginx/1.20.1 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6dacaa045e8c49aa1c688ba2cb6e436a0b180a96971d8ca842f7948cc7d2ca08 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a15164c46f901a947fcf243fe107b83fdf1ea8d394d2bda73f569daf5666e59e Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 05882fa4e821333fb62a4a8d07b7c451e6efbabfa9f3d4946ba9cb54dfb0f04b Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1ea85e0d2791661b7583197a7a697f3d744f4eed6da73ac53c67436dbd40f315 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a222ed6fc63d91d555c29e1880905ca4340fa8c23a1f6d2d58c6048b14ee3d96 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 411A	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET H2	200	177cbed865ace90cd245763dadef8805.jpeg cdn.adx1.com/ Frame 411A	19 KB 19 KB	122ms 46ms	Image image/jpeg	149.6.163.10 COGENT-174
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.adx1.com/177cbed865ace90cd245763dadef8805.jpeg Requested by Host: trans.firm.in URL: https://trans.firm.in/img-640354e1dbc0c.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.6.163.10 Longjumeau, France, ASN174 (COGENT-174, US), Reverse DNS Software openresty/1.15.8.3 / Resource Hash b9ee7a723a5c9cea09029060301bbb7c0dc0f4338df7edb9f80ebb455d952c6a Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 18:13:16 GMT last-modified Sun, 13 Nov 2022 16:29:15 GMT server openresty/1.15.8.3 etag "63711b5b-4a7b" content-type image/jpeg cache-control max-age=1209600 accept-ranges bytes content-length 19067 expires Tue, 06 Jun 2023 14:48:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

go.eabids.com

URL

https://go.eabids.com/loadeactrl.go?pid=133467&spaceid=7648323&ctrlid=790159