urlscan.io logo urlscan.io
SecurityTrails logo

shavlik40.rssing.com Open in urlscan Pro
185.150.190.192  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://shavlik40.rssing.com/
Effective URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Submission: On June 11 via manual from AE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 141 IPs in 16 countries across 134 domains to perform 568 HTTP transactions. The main IP is 185.150.190.192, located in United States and belongs to RELIABLESITE, US. The main domain is shavlik40.rssing.com.
TLS certificate: Issued by R3 on May 21st 2021. Valid for: 3 months.
This is the only time shavlik40.rssing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 4 185.150.190.192 23470 (RELIABLESITE)
2 2600:9000:211... 16509 (AMAZON-02)
34 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 216.58.212.130 15169 (GOOGLE)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
1 131.153.42.225 20454 (SSASN2)
2 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 188.120.240.253 29182 (THEFIRST-AS)
2 2 199.232.189.171 54113 (FASTLY)
2 151.101.114.217 54113 (FASTLY)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 85.25.213.73 8972 (GD-EMEA-D...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a04:4e42::645 54113 (FASTLY)
1 174.129.28.172 14618 (AMAZON-AES)
1 80.241.218.178 51167 (CONTABO)
1 45.60.31.181 19551 (INCAPSULA)
1 172.67.215.136 13335 (CLOUDFLAR...)
26 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 103.229.73.122 55660 (MWN-AS-ID...)
1 192.0.78.197 2635 (AUTOMATTIC)
1 172.67.8.209 13335 (CLOUDFLAR...)
1 2606:2800:233... 15133 (EDGECAST)
1 5.45.86.41 58061 (SCALAXY-AS)
2 2620:12a:8000::2 54113 (FASTLY)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 45.60.33.181 19551 (INCAPSULA)
1 192.0.77.2 2635 (AUTOMATTIC)
10 104.18.17.65 13335 (CLOUDFLAR...)
1 2600:9000:206... 16509 (AMAZON-02)
1 3.124.13.188 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 104.19.131.80 13335 (CLOUDFLAR...)
1 139.45.196.200 9002 (RETN-AS)
4 20 67.199.253.93 395344 (IVANTI-BD)
3 104.75.88.126 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 88.119.160.30 61272 (IST-AS)
1 2a02:26f0:120... 20940 (AKAMAI-ASN1)
1 211.115.109.71 3786 (LGDACOM L...)
1 2600:9000:211... 16509 (AMAZON-02)
1 87.98.239.3 16276 (OVH)
1 2.16.186.187 20940 (AKAMAI-ASN1)
11 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
10 104.18.16.65 13335 (CLOUDFLAR...)
1 2.18.235.40 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 11 46.249.52.248 50673 (SERVERIUS-AS)
2 185.184.8.65 204995 (RTB-HOUSE...)
2 136.144.59.88 54825 (PACKET)
2 178.162.133.150 60781 (LEASEWEB-...)
2 36 2606:4700:20:... 13335 (CLOUDFLAR...)
3 54 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 2a00:7c80:0:1... 49981 (WORLDSTREAM)
8 5.178.65.246 50673 (SERVERIUS-AS)
4 5 72.251.249.13 29791 (VOXEL-DOT...)
4 4 213.19.147.44 3356 (LEVEL3)
10 12 76.223.111.131 16509 (AMAZON-02)
2 2 213.19.147.45 26120 (RHYTHMONE)
28 37 37.252.173.27 29990 (ASN-APPNEX)
33 38 142.250.186.34 15169 (GOOGLE)
6 9 35.227.248.159 15169 (GOOGLE)
5 10 37.157.2.236 198622 (ADFORM)
3 199.232.137.44 54113 (FASTLY)
3 2607:ae80:2::49 26558 (FREEWHEEL)
5 185.64.190.78 62713 (AS-PUBMATIC)
6 6 2a05:d018:24:... 16509 (AMAZON-02)
8 8 34.243.30.18 16509 (AMAZON-02)
3 18.198.69.109 16509 (AMAZON-02)
3 3 151.1.205.165 3242 (ASN-ITNET)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
6 6 35.201.81.244 15169 (GOOGLE)
3 89.163.159.106 24961 (MYLOC-AS ...)
8 15 54.194.226.253 16509 (AMAZON-02)
3 3 212.82.100.182 34010 (YAHOO-IRD)
3 3 35.176.232.241 16509 (AMAZON-02)
3 34.98.67.61 15169 (GOOGLE)
9 34.252.147.38 16509 (AMAZON-02)
1 5 168.119.146.39 24940 (HETZNER-AS)
8 8 151.101.114.49 54113 (FASTLY)
3 3 184.30.20.207 16625 (AKAMAI-AS)
3 3 3.216.128.157 14618 (AMAZON-AES)
3 6 52.95.118.60 16509 (AMAZON-02)
3 4 23.45.99.241 16625 (AKAMAI-AS)
3 54.170.215.80 16509 (AMAZON-02)
4 4 88.214.206.142 46636 (NATCOWEB)
2 2 3.219.191.66 14618 (AMAZON-AES)
7 178.162.133.149 60781 (LEASEWEB-...)
8 9 18.156.0.31 16509 (AMAZON-02)
6 6 188.42.29.196 7979 (SERVERS-COM)
4 4 52.59.102.119 16509 (AMAZON-02)
16 46 2.18.234.21 16625 (AKAMAI-AS)
3 208.100.17.174 32748 (STEADFAST)
9 2.18.233.180 16625 (AKAMAI-AS)
3 51.89.9.252 16276 (OVH)
2 4 72.21.206.140 16509 (AMAZON-02)
1 1 34.233.101.234 14618 (AMAZON-AES)
2 3 159.253.128.183 36351 (SOFTLAYER)
2 2 66.155.71.25 13768 (COGECO-PEER1)
2 192.132.33.46 18568 (BIDTELLECT)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 1 52.45.55.28 14618 (AMAZON-AES)
2 2 54.78.251.22 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 37.157.6.241 198622 (ADFORM)
3 52.29.14.143 16509 (AMAZON-02)
1 2a0c:5c81:514... 55081 (24SHELLS)
1 35.156.10.121 16509 (AMAZON-02)
3 185.86.139.59 201081 (SMARTADSE...)
7 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
29 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
6 142.250.185.226 15169 (GOOGLE)
2 4 34.249.16.8 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.101.114.133 54113 (FASTLY)
6 52.17.241.173 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 142.250.185.230 15169 (GOOGLE)
4 54.224.40.151 14618 (AMAZON-AES)
1 151.101.14.133 54113 (FASTLY)
1 104.17.120.107 13335 (CLOUDFLAR...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2.18.232.130 16625 (AKAMAI-AS)
4 68.232.35.16 15133 (EDGECAST)
1 2a0c:5c81:509... 55081 (24SHELLS)
4 4 35.186.253.211 15169 (GOOGLE)
1 3 62.149.0.72 15497 (COLOCALL ...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 213.155.156.181 1299 (TELIANET ...)
4 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
4 4 185.29.132.144 30419 (MEDIAMATH...)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 1 51.222.80.231 16276 (OVH)
3 185.64.190.80 62713 (AS-PUBMATIC)
1 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 66.155.71.150 13768 (COGECO-PEER1)
5 5.178.65.252 50673 (SERVERIUS-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 5 34.193.191.157 14618 (AMAZON-AES)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 2.19.35.65 16625 (AKAMAI-AS)
4 104.109.78.125 16625 (AKAMAI-AS)
2 69.173.144.139 26667 (RUBICONPR...)
2 37.252.173.22 29990 (ASN-APPNEX)
1 1 2001:678:cb4:... 56396 (TURN)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 99.86.241.64 16509 (AMAZON-02)
1 212.83.160.162 12876 (Online SAS)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 52.45.128.104 14618 (AMAZON-AES)
1 35.241.40.233 15169 (GOOGLE)
1 37.157.6.253 198622 (ADFORM)
1 3 3.122.214.165 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
1 142.250.186.66 15169 (GOOGLE)
568 141
4    185.150.190.192 (United States)

ASN23470 (RELIABLESITE, US)
shavlik40.rssing.com
2    2600:9000:211a:8a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
34    2606:4700:3032::ac43:8c0d (United States)

ASN13335 (CLOUDFLARENET, US)
www.rssing.com
a.rssing.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
securepubads.g.doubleclick.net
7    2606:4700:20::ac43:4597 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
stats.vlitag.com
1    131.153.42.225 (Phoenix, United States)

ASN20454 (SSASN2, US)
d.smopy.com
2    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
3    2606:4700::6810:9e11 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.engine.4dsply.com
engine.4dsply.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    188.120.240.253 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: metal-tracker.com
en.metal-tracker.com
2    199.232.189.171 (Munich, Germany)

ASN54113 (FASTLY, US)
static1.businessinsider.com
2    151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.insider.com
1    2a02:26f0:6c00:2bf::b48 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
e2e.ti.com
2    85.25.213.73 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: gallery.yopriceville.com
gallery.yopriceville.com
1    2606:4700:3032::ac43:b02d (United States)

ASN13335 (CLOUDFLARENET, US)
busyteacher.org
1    2606:4700:3031::6815:51f2 (United States)

ASN13335 (CLOUDFLARENET, US)
www.heddels.com
1    2606:4700:20::681a:dab (United States)

ASN13335 (CLOUDFLARENET, US)
media.moddb.com
1    2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)
www.hrw.org
1    174.129.28.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-28-172.compute-1.amazonaws.com
waldo.villagesoup.com
1    80.241.218.178 (Munich, Germany)

ASN51167 (CONTABO, DE)
PTR: m1978.contaboserver.net
www.fide.com
1    45.60.31.181 (United States)

ASN19551 (INCAPSULA, US)
communities.bentley.com
1    172.67.215.136 (United States)

ASN13335 (CLOUDFLARENET, US)
trickbd.com
26    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3.bp.blogspot.com
4.bp.blogspot.com
1.bp.blogspot.com
tpc.googlesyndication.com
1    2606:4700::6810:7fc7 (United States)

ASN13335 (CLOUDFLARENET, US)
community.cadence.com
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
1    103.229.73.122 (Indonesia)

ASN55660 (MWN-AS-ID PT Master Web Network, ID)
u.footballfonts.com
1    192.0.78.197 (United States)

ASN2635 (AUTOMATTIC, US)
directorsblog.nih.gov
1    172.67.8.209 (United States)

ASN13335 (CLOUDFLARENET, US)
files.ozbargain.com.au
1    2606:2800:233:23c9:90c:111f:15f5:25b6 (United States)

ASN15133 (EDGECAST, US)
img.huffingtonpost.com
1    5.45.86.41 (Meppel, Netherlands)

ASN58061 (SCALAXY-AS, NL)
PTR: mail.audiolove.club
audiolove.me
2    2620:12a:8000::2 (United States)

ASN54113 (FASTLY, US)
www.gameinformer.com
1    2a02:26f0:6c00:19e::3a15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
origin2.cdn.componentsource.com
1    2606:4700:20::681a:d0a (United States)

ASN13335 (CLOUDFLARENET, US)
www.farmprogress.com
1    45.60.33.181 (United States)

ASN19551 (INCAPSULA, US)
community.dynamics.com
1    192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i1.wp.com
10    104.18.17.65 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.adskeeper.com
c.adskeeper.com
servicer.adskeeper.com
cm.adskeeper.com
s-img.adskeeper.com
1    2600:9000:206e:6600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    3.124.13.188 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-13-188.eu-central-1.compute.amazonaws.com
apis.quantcast.mgr.consensu.org
5    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    104.19.131.80 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adskeeper.co.uk
1    139.45.196.200 (United Kingdom)

ASN9002 (RETN-AS, GB)
dishesha.net
20    67.199.253.93 (Draper, United States)

ASN395344 (IVANTI-BD, US)
community.shavlik.com
3    104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
1    2606:4700:3036::ac43:8f11 (United States)

ASN13335 (CLOUDFLARENET, US)
www.notiziepertutti.com
1    88.119.160.30 (United States)

ASN61272 (IST-AS, LT)
blog.resistance.lt
1    2a02:26f0:120:39a::3126 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tamil.samayam.com
1    211.115.109.71 (Korea, Republic Of)

ASN3786 (LGDACOM LG DACOM Corporation, KR)
image.yes24.com
1    2600:9000:211a:3800:0:5a51:64c9:c681 (United States)

ASN16509 (AMAZON-02, US)
c2.staticflickr.com
1    87.98.239.3 (Wroclaw, Poland)

ASN16276 (OVH, FR)
panismaczna.com
1    2.16.186.187 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-187.deploy.static.akamaitechnologies.com
stat.ameba.jp
11    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2606:4700:20::681a:eee (United States)

ASN13335 (CLOUDFLARENET, US)
assets.vlitag.com
tag.vlitag.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
10    104.18.16.65 (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.adskeeper.com
1    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
11    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
ads.us.e-planning.net
sync.e-planning.net
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
2    136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
36    2606:4700:20::681a:34e (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
54    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    2a00:7c80:0:121::2 (Netherlands)

ASN49981 (WORLDSTREAM, NL)
ufo.approximity.com
8    5.178.65.246 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
5    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
4    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
12    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.targeting.unrulymedia.com
37    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
38    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
9    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
10    37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
3    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
3    2607:ae80:2::49 (United States)

ASN26558 (FREEWHEEL, US)
dmp.v.fwmrm.net
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    2a05:d018:24:b002:ebbe:4057:3491:6f67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
8    34.243.30.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-30-18.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
3    151.1.205.165 (Bellagio, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
3    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
6    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
idsync.frontend.weborama.fr
3    89.163.159.106 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
15    54.194.226.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
3    212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
3    35.176.232.241 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
aa.agkn.com
3    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
9    34.252.147.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
beacon.krxd.net
5    168.119.146.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de
sync.richaudience.com
8    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
3    3.216.128.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usermatch.krxd.net
6    52.95.118.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
tags.bluekai.com
3    54.170.215.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
4    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    3.219.191.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
7    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
9    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    188.42.29.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    52.59.102.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
46    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
3    208.100.17.174 (United States)

ASN32748 (STEADFAST, US)
ssc-cms.33across.com
9    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
4    72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com
s.amazon-adsystem.com
1    34.233.101.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
3    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    52.45.55.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacon.lynx.cognitivlabs.com
2    54.78.251.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
cpm.adsolut.in
1    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
3    52.29.14.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-14-143.eu-central-1.compute.amazonaws.com
ice.360yield.com
1    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    35.156.10.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
hb.emxdgt.com
3    185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
7    2606:4700:e0::ac40:621d (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adxpremium.services
user-sync.adxpremium.services
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
9    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
29    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads4.g.doubleclick.net
4    34.249.16.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pixel.adsafeprotected.com
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.krxd.net
6    52.17.241.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-241-173.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
1    2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
2    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
4    54.224.40.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
consumer.krxd.net
1    104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
1    2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    68.232.35.16 (United States)

ASN15133 (EDGECAST, US)
ec-ns.sascdn.com
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
3    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
2    2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
2    213.155.156.181 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com
d5p.de17a.com
4    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    185.29.132.144 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
pixel.onaudience.com
3    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    2606:4700:3033::ac43:dcda (United States)

ASN13335 (CLOUDFLARENET, US)
dmp.rtbsrv.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
5    5.178.65.252 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
1    2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
5    34.193.191.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-191-157.compute-1.amazonaws.com
a.audrte.com
1    2a02:fa8:8806:20::2040 (United States)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    99.86.241.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-64.vie50.r.cloudfront.net
tags.crwdcntrl.net
1    212.83.160.162 (France)

ASN12876 (Online SAS, FR)
PTR: 212-83-160-162.rev.poneytelecom.eu
js.cookieless-data.com
1    2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    52.45.128.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-128-104.compute-1.amazonaws.com
rtb.adentifi.com
1    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com
dmp.brand-display.com
1    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
cm.adform.net
3    3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ps.eyeota.net
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
58 googlesyndication.com
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
271 KB
58 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ad.doubleclick.net
254 KB
54 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
17 KB
46 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
50 KB
40 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
48 KB
38 rssing.com
shavlik40.rssing.com
www.rssing.com
a.rssing.com
279 KB
36 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
15 KB
24 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
sync.e-planning.net
s.e-planning.net
23 KB
23 pubmatic.com
image6.pubmatic.com
ads.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
82 KB
20 shavlik.com
community.shavlik.com
2 KB
20 adskeeper.com
jsc.adskeeper.com
c.adskeeper.com
servicer.adskeeper.com
cm.adskeeper.com
s-img.adskeeper.com
362 KB
16 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
sync.crwdcntrl.net
20 KB
15 krxd.net
beacon.krxd.net
usermatch.krxd.net
cdn.krxd.net
consumer.krxd.net
91 KB
14 adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
186 KB
13 yahoo.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
10 KB
12 adform.net
dmp.adform.net
adx.adform.net
c1.adform.net
cm.adform.net
5 KB
12 adsrvr.org
match.adsrvr.org
6 KB
11 googletagservices.com
www.googletagservices.com
272 KB
11 vlitag.com
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
stats.vlitag.com
253 KB
10 amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
5 KB
9 tapad.com
pixel.tapad.com
4 KB
9 sonobi.com
apex.go.sonobi.com
sync.go.sonobi.com
5 KB
8 2mdn.net
s0.2mdn.net
357 KB
8 everesttech.net
sync-tm.everesttech.net
3 KB
8 demdex.net
dpm.demdex.net
8 KB
7 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
21 KB
7 adxpremium.services
rtb.adxpremium.services
user-sync.adxpremium.services
8 KB
7 mathtag.com
pixel.mathtag.com
sync.mathtag.com
4 KB
6 betweendigital.com
ads.betweendigital.com
3 KB
6 weborama.fr
idsync.frontend.weborama.fr
2 KB
6 tidaltv.com
sync.tidaltv.com
2 KB
5 audrte.com
a.audrte.com
6 KB
5 adtelligent.com
ghb.adtelligent.com
s.adtelligent.com
sync.adtelligent.com
3 KB
5 richaudience.com
sync.richaudience.com
1 KB
5 lijit.com
ap.lijit.com
3 KB
5 google-analytics.com
www.google-analytics.com
38 KB
4 openx.net
rtb.openx.net
1 KB
4 sascdn.com
ec-ns.sascdn.com
13 KB
4 smartadserver.com
prg.smartadserver.com
csync.smartadserver.com
3 KB
4 advertising.com
pixel.advertising.com
1 KB
4 admanmedia.com
cs.admanmedia.com
2 KB
4 bluekai.com
tags.bluekai.com
1 KB
4 1rx.io
sync.1rx.io
2 KB
4 blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
1.bp.blogspot.com
146 KB
3 eyeota.net
ps.eyeota.net
2 KB
3 owneriq.net
px.owneriq.net
1 KB
3 google.com
adservice.google.com
www.google.com
1 KB
3 360yield.com
ice.360yield.com
2 KB
3 sitescout.com
pixel-sync.sitescout.com
pixel.sitescout.com
886 B
3 simpli.fi
um.simpli.fi
2 KB
3 onetag-sys.com
onetag-sys.com
2 KB
3 33across.com
ssc-cms.33across.com
3 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
112 B
3 mookie1.com
odr.mookie1.com
536 B
3 agkn.com
aa.agkn.com
1 KB
3 theadex.com
dmp.theadex.com
1 KB
3 adition.com
dsp.adfarm1.adition.com
2 KB
3 bemail.it
bn01.er.bemail.it
2 KB
3 exelator.com
loadeu.exelator.com
972 B
3 fwmrm.net
dmp.v.fwmrm.net
1 KB
3 taboola.com
trc.taboola.com
293 B
3 4dsply.com
cdn.engine.4dsply.com
engine.4dsply.com
124 KB
3 consensu.org
quantcast.mgr.consensu.org
apis.quantcast.mgr.consensu.org
61 KB
2 turn.com
ad.turn.com
d.turn.com
836 B
2 dotomi.com
prebid-match.dotomi.com
casale-match.dotomi.com
291 B
2 rtbsrv.com
dmp.rtbsrv.com
1 KB
2 de17a.com
d5p.de17a.com
634 B
2 connectad.io
cdn.connectad.io
sync-eu.connectad.io
970 B
2 adroll.com
d.adroll.com
223 B
2 bttrack.com
bttrack.com
760 B
2 advangelists.com
nep.advangelists.com
449 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
980 B
2 approximity.com
ufo.approximity.com
559 B
2 a-mo.net
prebid.a-mo.net
179 B
2 creativecdn.com
prebid-eu.creativecdn.com
364 B
2 addthis.com
s7.addthis.com
190 KB
2 gameinformer.com
www.gameinformer.com
397 KB
2 yopriceville.com
gallery.yopriceville.com
417 KB
2 insider.com
i.insider.com
5 MB
2 businessinsider.com
static1.businessinsider.com
281 B
2 gstatic.com
fonts.gstatic.com
38 KB
2 googletagmanager.com
www.googletagmanager.com
71 KB
2 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
117 KB
1 brand-display.com
dmp.brand-display.com
151 B
1 adentifi.com
rtb.adentifi.com
88 B
1 cookieless-data.com
js.cookieless-data.com
367 B
1 navdmp.com
tag.navdmp.com
4 KB
1 onaudience.com
pixel.onaudience.com
400 B
1 criteo.com
dis.criteo.com
347 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 createjs.com
code.createjs.com
63 KB
1 google.de
adservice.google.de
799 B
1 emxdgt.com
hb.emxdgt.com
162 B
1 adsolut.in
cpm.adsolut.in
299 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
387 B
1 rfihub.com
p.rfihub.com
777 B
1 extend.tv
sync.extend.tv
546 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 addthisedge.com
v1.addthisedge.com
798 B
1 moatads.com
z.moatads.com
1 KB
1 ameba.jp
stat.ameba.jp
66 KB
1 panismaczna.com
panismaczna.com
18 KB
1 staticflickr.com
c2.staticflickr.com
107 KB
1 yes24.com
image.yes24.com
7 KB
1 samayam.com
tamil.samayam.com
57 KB
1 resistance.lt
blog.resistance.lt
20 KB
1 notiziepertutti.com
www.notiziepertutti.com
780 B
1 dishesha.net
dishesha.net
28 KB
1 adskeeper.co.uk
cdn.adskeeper.co.uk
2 KB
1 quantcount.com
rules.quantcount.com
438 B
1 wp.com
i1.wp.com
24 KB
1 dynamics.com
community.dynamics.com
19 KB
1 farmprogress.com
www.farmprogress.com
61 KB
1 componentsource.com
origin2.cdn.componentsource.com
28 KB
1 audiolove.me
audiolove.me
71 KB
1 huffingtonpost.com
img.huffingtonpost.com
24 KB
1 ozbargain.com.au
files.ozbargain.com.au
4 KB
1 nih.gov
directorsblog.nih.gov
68 KB
1 footballfonts.com
u.footballfonts.com
72 KB
1 youtube.com
img.youtube.com
18 KB
1 cadence.com
community.cadence.com
65 KB
1 trickbd.com
trickbd.com
116 KB
1 bentley.com
communities.bentley.com
5 KB
1 fide.com
www.fide.com
27 KB
1 villagesoup.com
waldo.villagesoup.com
35 KB
1 hrw.org
www.hrw.org
55 KB
1 moddb.com
media.moddb.com
81 KB
1 heddels.com
www.heddels.com
20 KB
1 busyteacher.org
busyteacher.org
65 KB
1 ti.com
e2e.ti.com
82 KB
1 metal-tracker.com
en.metal-tracker.com
8 KB
1 quantserve.com
secure.quantserve.com
9 KB
1 smopy.com
d.smopy.com
0 itdonga.com Failed
image.itdonga.com Failed
568 134
Domain Requested by
44 mwzeom.zeotap.com 2 redirects shavlik40.rssing.com
ads.pubmatic.com
spl.zeotap.com
ads.us.e-planning.net
38 cm.g.doubleclick.net 33 redirects googleads.g.doubleclick.net
37 dsum-sec.casalemedia.com 14 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
ssum.casalemedia.com
37 ib.adnxs.com 28 redirects spl.zeotap.com
www.rssing.com
googleads.g.doubleclick.net
ssum-sec.casalemedia.com
32 sync.quantumdex.io assets.vlitag.com
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.us.e-planning.net
29 pagead2.googlesyndication.com shavlik40.rssing.com
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
22 tpc.googlesyndication.com shavlik40.rssing.com
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
20 community.shavlik.com 4 redirects shavlik40.rssing.com
18 www.rssing.com shavlik40.rssing.com
www.rssing.com
16 a.rssing.com www.rssing.com
15 s-img.adskeeper.com shavlik40.rssing.com
12 match.adsrvr.org 10 redirects ssum-sec.casalemedia.com
11 bcp.crwdcntrl.net 8 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
tags.crwdcntrl.net
11 www.googletagservices.com tag.vlitag.com
securepubads.g.doubleclick.net
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
www.googletagservices.com
10 spl.zeotap.com 1 redirects assets.vlitag.com
spl.zeotap.com
ads.us.e-planning.net
9 googleads.g.doubleclick.net 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
shavlik40.rssing.com
9 ads.pubmatic.com sync.quantumdex.io
ads.pubmatic.com
user-sync.adxpremium.services
ads.us.e-planning.net
9 ups.analytics.yahoo.com 8 redirects ssum.casalemedia.com
9 beacon.krxd.net spl.zeotap.com
shavlik40.rssing.com
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
cdn.krxd.net
ads.us.e-planning.net
bcp.crwdcntrl.net
9 pixel.tapad.com 6 redirects spl.zeotap.com
8 s0.2mdn.net shavlik40.rssing.com
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
s0.2mdn.net
8 sync-tm.everesttech.net 8 redirects
8 dpm.demdex.net 8 redirects
8 u-ams02.e-planning.net shavlik40.rssing.com
ads.us.e-planning.net
ssum.casalemedia.com
7 ssum-sec.casalemedia.com 2 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
7 sync.go.sonobi.com sync.quantumdex.io
ads.us.e-planning.net
7 ads.us.e-planning.net 4 redirects shavlik40.rssing.com
user-sync.adxpremium.services
6 static.adsafeprotected.com pixel.adsafeprotected.com
shavlik40.rssing.com
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
6 googleads4.g.doubleclick.net shavlik40.rssing.com
googleads.g.doubleclick.net
6 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 ads.betweendigital.com 6 redirects
6 aax-eu.amazon-adsystem.com 3 redirects shavlik40.rssing.com
ads.us.e-planning.net
6 idsync.frontend.weborama.fr 6 redirects
6 sync.tidaltv.com 6 redirects
5 a.audrte.com 2 redirects ads.us.e-planning.net
a.audrte.com
5 s.e-planning.net ads.us.e-planning.net
5 c1.adform.net 3 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
5 rtb.adxpremium.services www.rssing.com
s.adtelligent.com
ads.pubmatic.com
shavlik40.rssing.com
ads.us.e-planning.net
5 sync.richaudience.com 1 redirects spl.zeotap.com
ads.us.e-planning.net
5 image6.pubmatic.com spl.zeotap.com
ads.pubmatic.com
5 dmp.adform.net 2 redirects spl.zeotap.com
5 ap.lijit.com 4 redirects www.rssing.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
shavlik40.rssing.com
4 sync.crwdcntrl.net bcp.crwdcntrl.net
4 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
user-sync.adxpremium.services
4 sync.mathtag.com 4 redirects
4 image2.pubmatic.com ads.pubmatic.com
4 rtb.openx.net 4 redirects
4 ec-ns.sascdn.com csync.smartadserver.com
4 dt.adsafeprotected.com shavlik40.rssing.com
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
4 pixel.adsafeprotected.com 2 redirects 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 pixel.advertising.com 4 redirects
4 cs.admanmedia.com 4 redirects
4 tags.bluekai.com 3 redirects bcp.crwdcntrl.net
4 sync.e-planning.net shavlik40.rssing.com
ads.us.e-planning.net
sync.quantumdex.io
4 sync.1rx.io 4 redirects
4 shavlik40.rssing.com 3 redirects
3 ps.eyeota.net 1 redirects
3 px.owneriq.net 2 redirects ssum.casalemedia.com
3 simage2.pubmatic.com ads.pubmatic.com
3 sync.adtelligent.com 1 redirects s.adtelligent.com
3 prg.smartadserver.com www.rssing.com
3 ice.360yield.com www.rssing.com
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 onetag-sys.com sync.quantumdex.io
3 ssc-cms.33across.com sync.quantumdex.io
3 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com spl.zeotap.com
3 usermatch.krxd.net 3 redirects
3 pixel.mathtag.com 3 redirects
3 odr.mookie1.com spl.zeotap.com
3 aa.agkn.com 3 redirects
3 cms.analytics.yahoo.com 3 redirects
3 dmp.theadex.com spl.zeotap.com
3 dsp.adfarm1.adition.com 3 redirects
3 bn01.er.bemail.it 3 redirects
3 loadeu.exelator.com spl.zeotap.com
3 dmp.v.fwmrm.net spl.zeotap.com
3 trc.taboola.com spl.zeotap.com
3 assets.vlitag.com tag.vlitag.com
3 tag.vlitag.com services.vlitag.com
tag.vlitag.com
3 services.vlitag.com shavlik40.rssing.com
services.vlitag.com
3 securepubads.g.doubleclick.net shavlik40.rssing.com
securepubads.g.doubleclick.net
2 secure.adnxs.com ssum.casalemedia.com
ssum-sec.casalemedia.com
2 token.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
2 dmp.rtbsrv.com 2 redirects
2 d5p.de17a.com 2 redirects
2 user-sync.adxpremium.services www.rssing.com
user-sync.adxpremium.services
2 ad.doubleclick.net srcdoc
2 cdn.krxd.net s0.2mdn.net
cdn.krxd.net
2 www.google.com 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
tpc.googlesyndication.com
2 d.adroll.com 2 redirects
2 bttrack.com ssum-sec.casalemedia.com
ssum.casalemedia.com
2 pixel-sync.sitescout.com 2 redirects
2 ms.quantumdex.io 2 redirects
2 nep.advangelists.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 ufo.approximity.com 2 redirects
2 stats.vlitag.com tag.vlitag.com
2 useast.quantumdex.io assets.vlitag.com
2 apex.go.sonobi.com assets.vlitag.com
2 prebid.a-mo.net assets.vlitag.com
2 prebid-eu.creativecdn.com assets.vlitag.com
2 cm.adskeeper.com jsc.adskeeper.com
2 s7.addthis.com www.rssing.com
s7.addthis.com
2 www.gameinformer.com shavlik40.rssing.com
2 4.bp.blogspot.com shavlik40.rssing.com
2 gallery.yopriceville.com shavlik40.rssing.com
2 i.insider.com shavlik40.rssing.com
2 static1.businessinsider.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.engine.4dsply.com shavlik40.rssing.com
cdn.engine.4dsply.com
2 www.googletagmanager.com shavlik40.rssing.com
tag.vlitag.com
2 quantcast.mgr.consensu.org shavlik40.rssing.com
quantcast.mgr.consensu.org
1 ade.googlesyndication.com
1 d.turn.com 1 redirects
1 cm.adform.net
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 simage4.pubmatic.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 ssum.casalemedia.com ads.us.e-planning.net
1 secure-assets.rubiconproject.com 1 redirects
1 prebid-match.dotomi.com ads.us.e-planning.net
1 tag.navdmp.com ads.us.e-planning.net
1 pixel.sitescout.com 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 sync-eu.connectad.io cdn.connectad.io
1 cdn.connectad.io user-sync.adxpremium.services
1 s.adtelligent.com user-sync.adxpremium.services
1 acdn.adnxs.com www.rssing.com
1 csync.smartadserver.com www.rssing.com
1 biddr.brealtime.com www.rssing.com
1 consumer.krxd.net cdn.krxd.net
1 code.createjs.com s0.2mdn.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 hb.emxdgt.com www.rssing.com
1 ghb.adtelligent.com www.rssing.com
1 adx.adform.net www.rssing.com
1 cpm.adsolut.in www.rssing.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 p.rfihub.com 1 redirects
1 sync.extend.tv 1 redirects
1 cdn.jsdelivr.net assets.vlitag.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 imasdk.googleapis.com tag.vlitag.com
1 stat.ameba.jp shavlik40.rssing.com
1 panismaczna.com shavlik40.rssing.com
1 c2.staticflickr.com shavlik40.rssing.com
1 image.yes24.com shavlik40.rssing.com
1 1.bp.blogspot.com shavlik40.rssing.com
1 tamil.samayam.com shavlik40.rssing.com
1 blog.resistance.lt shavlik40.rssing.com
1 www.notiziepertutti.com shavlik40.rssing.com
1 dishesha.net shavlik40.rssing.com
1 servicer.adskeeper.com jsc.adskeeper.com
1 cdn.adskeeper.co.uk shavlik40.rssing.com
1 c.adskeeper.com jsc.adskeeper.com
1 engine.4dsply.com cdn.engine.4dsply.com
1 apis.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 rules.quantcount.com secure.quantserve.com
1 jsc.adskeeper.com shavlik40.rssing.com
1 i1.wp.com shavlik40.rssing.com
1 community.dynamics.com shavlik40.rssing.com
1 www.farmprogress.com shavlik40.rssing.com
1 origin2.cdn.componentsource.com shavlik40.rssing.com
1 audiolove.me shavlik40.rssing.com
1 img.huffingtonpost.com shavlik40.rssing.com
1 files.ozbargain.com.au shavlik40.rssing.com
1 directorsblog.nih.gov shavlik40.rssing.com
1 u.footballfonts.com shavlik40.rssing.com
1 img.youtube.com shavlik40.rssing.com
1 community.cadence.com shavlik40.rssing.com
1 3.bp.blogspot.com shavlik40.rssing.com
1 trickbd.com shavlik40.rssing.com
1 communities.bentley.com shavlik40.rssing.com
1 www.fide.com shavlik40.rssing.com
1 waldo.villagesoup.com shavlik40.rssing.com
1 www.hrw.org shavlik40.rssing.com
1 media.moddb.com shavlik40.rssing.com
1 www.heddels.com shavlik40.rssing.com
1 busyteacher.org shavlik40.rssing.com
1 e2e.ti.com shavlik40.rssing.com
1 en.metal-tracker.com shavlik40.rssing.com
1 secure.quantserve.com quantcast.mgr.consensu.org
1 d.smopy.com shavlik40.rssing.com
1 fonts.googleapis.com shavlik40.rssing.com
0 image.itdonga.com Failed shavlik40.rssing.com
568 197
Subject Issuer Validity Valid
rssing.com
R3		 2021-05-21 -
2021-08-19		 3 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
d.smopy.com
R3		 2021-04-29 -
2021-07-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
4dsply.com
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
metal-tracker.com
R3		 2021-06-02 -
2021-08-31		 3 months crt.sh
*.insider.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
www.ti.com.cn
DigiCert SHA2 Secure Server CA		 2020-09-16 -
2021-09-16		 a year crt.sh
gallery.yopriceville.com
R3		 2021-04-13 -
2021-07-12		 3 months crt.sh
www.hrw.org
R3		 2021-05-18 -
2021-08-16		 3 months crt.sh
*.villagesoup.com
Go Daddy Secure Certificate Authority - G2		 2020-08-10 -
2022-10-09		 2 years crt.sh
*.fide.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-05 -
2021-12-06		 a year crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-23 -
2021-09-21		 6 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
cadence.com
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
u.footballfonts.com
cPanel, Inc. Certification Authority		 2021-05-18 -
2021-08-16		 3 months crt.sh
tls.automattic.com
R3		 2021-05-04 -
2021-08-02		 3 months crt.sh
img.huffingtonpost.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-06-08		 2 years crt.sh
audiolove.me
Sectigo RSA Domain Validation Secure Server CA		 2021-02-02 -
2022-03-05		 a year crt.sh
gameinformer.com
R3		 2021-05-28 -
2021-08-26		 3 months crt.sh
secured2.san1.raxcdn.com
R3		 2021-05-25 -
2021-08-23		 3 months crt.sh
community.dynamics.com
Microsoft RSA TLS CA 02		 2020-10-21 -
2021-10-21		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
dishesha.net
R3		 2021-03-17 -
2021-06-15		 3 months crt.sh
community.ivanti.com
DigiCert SHA2 High Assurance Server CA		 2020-02-12 -
2022-02-16		 2 years crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
blog.resistance.lt
cPanel, Inc. Certification Authority		 2021-04-15 -
2021-07-14		 3 months crt.sh
mmnotification.indiatimes.com
DigiCert SHA2 Secure Server CA		 2021-04-23 -
2022-04-28		 a year crt.sh
*.yes24.com
Thawte RSA CA 2018		 2020-08-14 -
2022-09-09		 2 years crt.sh
static.flickr.com
Amazon		 2021-02-11 -
2022-03-12		 a year crt.sh
panismaczna.com
R3		 2021-04-20 -
2021-07-19		 3 months crt.sh
*.stat.ameba.jp
Cybertrust Japan SureServer CA G4		 2021-04-02 -
2022-04-30		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
ads.us.e-planning.net
R3		 2021-05-24 -
2021-08-22		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.a-mo.net
R3		 2021-05-11 -
2021-08-09		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.e-planning.net
R3		 2021-06-04 -
2021-09-02		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.redinuid.imrworldwide.com
Amazon		 2021-06-08 -
2022-07-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
onetag-sys.com
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.adsolut.in
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-09-22		 a year crt.sh
*.360yield.com
Amazon		 2020-08-26 -
2021-09-26		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-05-06 -
2021-08-04		 3 months crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2020-09-09 -
2021-10-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
cdn.krxd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2021-02-08 -
2022-02-07		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
consumer.krxd.net
DigiCert SHA2 Secure Server CA		 2020-09-14 -
2021-09-14		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-08 -
2022-04-13		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-06-06 -
2021-09-04		 3 months crt.sh
sync.adtelligent.com
R3		 2021-06-05 -
2021-09-03		 3 months crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2021-05-16 -
2022-05-15		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
js.cookieless-data.com
R3		 2021-05-15 -
2021-08-13		 3 months crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
*.eyeota.net
R3		 2021-04-29 -
2021-07-28		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh

This page contains 71 frames:

Primary Page: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Frame ID: 7A276DEB072060F723F29B52CF5F6BB3
Requests: 177 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1623409075360647066426
Frame ID: 634A5F108E40D48C218A72E5D894BC0A
Requests: 1 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1623404854&d=1368&z=19080&divID=vi_136819080_263&w=728&h=90
Frame ID: 6461B2FA4A5D7B01869DB773C8EE7365
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Frame ID: FA8BCC6922090182135E3B251504DFB4
Requests: 4 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1623404854&d=1368&z=19080&divID=vi_136819080_847&w=728&h=90
Frame ID: 3947425101BA979F49176FB10DBF5AE1
Requests: 2 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361&cmp=0
Frame ID: 30C1F7BFF4EEA99C0FED34FBDC3FB120
Requests: 31 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361&cmp=0
Frame ID: F57EE7B77B6E55C20BC16F9E2C039B19
Requests: 31 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: DA4985F953BC44DA754041F94D0ECE76
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 853F66C9A272F688599BA9675A875E0D
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: C3AB1E6286FC92ED923C742FCECDF16E
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: B231772FB50007B560CAC7D67D77DBE7
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 4FF1B52FB153CC5CCF84136547AA7002
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 686D2E42FF6DBF402483373A84AE77F5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 19D416D150B7F580B7F7280C8BE5156C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: A1B7D32604490C7A6F60D50724FA60DE
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 163F530F09CC0B4390CDB327FAAD6EB3
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: B23CFD7385D382C4C78F9668FB5F8FFD
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 87EEE7F7B399F59FF828A1815179D1AA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 4E3A1CEC2309C124DE40C47437A92842
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C9DA27B47CE297DEC6A39EC23663E1EE
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CE32F8BDF7549D1E2A6EF2A28AE76B0A
Requests: 1 HTTP requests in this frame

Frame: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1DB897F5939E2BBE1721804BCE30456A
Requests: 17 HTTP requests in this frame

Frame: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A3DF8156EBFB5B90D21674A7D102EAED
Requests: 13 HTTP requests in this frame

Frame: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2571D3C9B5CE3D722454B32206D647EE
Requests: 19 HTTP requests in this frame

Frame: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 600E6BF9F3316FA3C60FEAAA396CFFF2
Requests: 17 HTTP requests in this frame

Frame: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 56D372ABE37F13243AF84729E7733DA6
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CID39wIQ2PSumQIY68bjqAEwAQ&v=APEucNWm6yoMIve7bXTPt3cMkJOY1B9hZLrD8PpdJwVpo1e_RbySNB3GC2LDazO_pR4nTWO4Fs-Kd_UcnMxa746EftLcR3u-AGM_Ke3vh-QZYnf7bwucOr01-DLtWfx4M792HCQoYmvmqsxrb-nLHTFWIM5DPevluav8EPXOcuiID4v8xPOFGPk
Frame ID: FAE11379A77F38358DBE079E4BB06717
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK0CELqMgMoCGNaulqUBMAE&v=APEucNWYLkZU6fDr8guvfupKDW4SpX4f9wP4gFSQJoWxOYhXSvaf4T_Vs2K1KAMjpVGnKGzkOucwC5nkGEqDSMLKC1GErlTEQcmL60hE-JCKhiNBhEYlhDNmbyh1pWpswuxnm0QBNrGweRnfW2TYd_cEaPCggXReZ4qOM-jQPXnnv3VAJjn_KQY
Frame ID: 48C57534A838AAA18144E0A3323A7CF8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkuCEGzAB&v=APEucNXMMYi5-csjZRpGpKASkZkECFS1yF0aklvjSCqN5SdmxxbjK8Kf58aqeluNiRm9jzNDNDyZAoix0pkW9lL8UAL1hm5g5RtK-IGBpWD0lY1E_BJ62nMSnOg1lYG5GBCTmEy1Dw5rYFdEMZtjiRVmGk9HlSQ34BRfuT0J1NCagMOjmDO3PjE
Frame ID: D5E3BF3B1753B1C2AF209FF14EDD1D72
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK0CELqMgMoCGOvd_KQBMAE&v=APEucNVsfVpMQd3YWmo6REkz-WQKoN88q9Z9uWOf97GMY5N-OKFyXLiuVkJr0yFgWOUwDBZMl51GU5Ej5bMfbqFnirCYPfIkM4Gsvv9-MCXPShFfr6lcfWdghMMFurqAD_Jt0wqSraTkRAMy6weSpujrzTCxjgujT7tUwlvdyWZTZ2EYrp_qeNU
Frame ID: 862FFF2E28CE20325288B5329BD84197
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhjp_eyVATAB&v=APEucNXfiu1wJfeGzra8baQJk9qfD1xUJ92qL3UR9yFl0QIW20HmMRnZJwBFbDTZtaB6u3hkYDXEOof4jxKU6YmW516IIq3DfKE6UZE9YQi1fDItpwX9aS12sQLO3CzinBKqVCKfmp9NXNSrTFVfiO-ywne_MkJFKBPtoHF10YBdIJBJrTo8IqM
Frame ID: C1EF29AE9926F2578836D0FE74203910
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B74672FF2AC312864EE095E485ED62D8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 170F12D5207FDC1C1FFEA3347631C4F2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4765B8B166DEB66F69B81BFAA80AB209
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3A4D7AC37ADCE08BB8125BFC9885AB96
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/4528516/2128478866615035/index.html
Frame ID: 67BBD78C1F6CA105E9C40B4750BF64E2
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FF0891B1FB99DE7B9124EC7D7D631801
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adj/N1416456.3886603PMPRECISIONDE/B25762587.301404709;dc_ver=75.217;sz=728x90;u_sd=1;gdpr_consent=tcunavailable;gdpr=1;dc_adk=943508953;ord=sq60m7;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCebW3vkHDYM2mF9O8lQetpZe4Dv-cpLZi37uvqtcN8C4QASC6xtluYJXikIKgB6AB3peotgHIAQmpAj2U7W7vcbQ-qAMBqgTtAU_Q38oA4JVQZq829x4qp5821bkaRQOs8U8dzmxnbwr4PBZz0ejDCKYGCUnAybnXsZHN9RZjraFVHSw65gnZsV3pCBMy0UOWc1Dd9-6Ns-wPu3OKrS6WF9jODxyaqszH7k1NjdWY17yflne3FL1Q131lCTLvtZZzhaLp3b6gcteoMllIpKElxlqBthRjoBCRsH6CWM0l8CIOBC_ZZeLADi9Ig8jkQloOTZKFltNI24m-R-E7B7IIWlhDXNm6GxGMJaCaNM5kj0SSrDRICPJcXy-4_4ynh-64s3Fs2hHIFpQrXvXU_CExaHJR59eeZcAEvInv7sYD4AQDkAYBoAZNgAeK6NfJAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATz4upC8gT6qrqCdATANgTCtgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRosjFbUcZVCrea2WwHdFKsSfS4vw%26sig%3DAOD64_18yXkHsRQw_2vCYpjSKN6uuUEcfw%26client%3Dca-pub-5259963630881660%26dbm_c%3DAKAmf-DakS4z5fIi1bR7Pm9NsbPX5fmAmHy1-4UJ_yHjPABm_v1l2ZHsGJ5NNd7R4MPJbahCUgJU8ffarCxDaavBcmfVix-yOP6iMwZgButX6tcKeeeS2-cnB7j4R0z1R5eNOYiHQmfjobdZj5AoJ5tvWIB3k4dhIQ%26dbm_d%3DAKAmf-Abhq9qNGpiebv14RJHpY0NRMAfVXRHaXPuKSc5BA-cj226Qd86bb6empAZBU9LJta6pmbTdMjLV1Ek3u9Aow6DvGpDWDZAkqlouhrPxp0nNpydGEpcY8LFOCbkCQXgW1MmoUJEJ8vnavBjfb_U_JRVNQtCiv0fYDjP0NeVNSsFO1JlOkFjw4VUTJb0f8NXDlBaHzKYFtfotNOGM9jP9uIEVC9XVCd8hyc5GHqOh0LaqLoP3tmWXqmOVl9b8lnFcQJ5NlywciiXmoySSo6Yd5gf9DbEkakOPq5Ozi6ydSk-2X3H2U1Ug7j2IoK0PBphUY_yHIxgayvCFcKiqvu5Zpf5iSK115BDVwShz4tFZ9wu1rsrIBHuZtuBFjbnETfmSNu2zRz1uwenQdk9gLZRyHX2rrdJ5OJ_TcjJlZOzuw0yL5iZ0FHphaZSKoBX055hX5YNdylVq7dmrhHwHULdJMohEXHsgxzzcaaZQXlWhD62VmKPjnEawui4G-p1y5S4Z9SVUpcj%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fshavlik40.rssing.com%2F$0;xdt=1;crlt=(6_Q!)1KY);cmpl=8;gcsr=a;osda=2;sttr=186;prcl=s
Frame ID: D94EE5D8256826F3B7C909646A359B37
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adj/N1416456.3886603PMPRECISIONDE/B25762587.301404700;dc_ver=75.217;sz=300x250;u_sd=1;gdpr_consent=tcunavailable;gdpr=1;dc_adk=4188270527;ord=qeamcs;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCodgDvkHDYNCmF9O8lQetpZe4Dv-cpLZih7yvqtcN8C4QASC6xtluYJXikIKgB6AB3peotgHIAQmpAj2U7W7vcbQ-qAMBqgT0AU_QLivL2o_GQCrXc7_fpgdcQw_OIe0sdU8W3k5H9e9w2zY32Mbq4bVbgzn9gzcQlW4nIaJUtoghacaIFMH2TSmSbXB1Ph9SqMaeQ5TGsq_aUFDK5KPBlwA7tjMlQk8kwTE-z5FpMbYJ5t6FHWZyUJHkDV3Z8TmGjbsOREVgaZnzGDIMVIRPVAc9u9CZYux9ng_S4ddjTSp-lVOB495eVoCv_r2VdPvh8jP5-6pfcxu9bf_X9bH98CQMz65l_kqucQggLiPwBOWYpjNmkC391YVqpIpX1rGn5CBp3rUpEM2Ntd4btxa1A9YZIEupTDG_KG-xxcHABLyJ7-7GA-AEA5AGAaAGTYAHiujXyQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAGwE8-LqQvIE-qq6gnQEwDYEwrYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGezvadCWuX44JevPvr3ILoYmQg%26sig%3DAOD64_2NKyV5P3-KiEFzjxylSIf_Cgi1wQ%26client%3Dca-pub-5259963630881660%26dbm_c%3DAKAmf-BaB3G4yzcYMKxArCzbOTd8g1DtGn146osl1a6LxxxMHgajMHRF0WpUSCm-oA9VSo_eXCzf1ruRgoggX_v10iksTQ9nL4mFz4u-35N2js4h6oPIE6yVq60d8Jo-n2Wy9-T--8UoS-0XDuA9hUi7G70mlm7f8Q%26dbm_d%3DAKAmf-AUinU13_dpexWXPBUS7HCKLD3ow5oE92i4kJ0gJ7kWkFNlhWs9OIzI_X2SlzEWNOrKrCLywjuiGEm-Ec5RgLp8H8kQQSVI1IgAWJwRPc2BbHmm_Vm_5qQGhiDF-P5ff_JwenwkXrbjR7XOHiT_wrHUwB_OFktVErKaVe38VQWgfbXSiSUWBLFGGvHi2gIE7imReuo2sfXaSuL83EBZou25BDtytDNlhBWwYxUSnYiaN2QqHlVM-qUrHySBRYY6lWzsgynjJXCG0765wevNb3lFS_M4Ze5yzKamOG3uKyrdnK98bQ-a8Ek6krIFt4JYLcc6LQyYBed1YwtCZZEVF59MPDz5hngE_dBMXFVfI9DYQmdiYDabBK0NNcDIJrPcczbyyEYb2by6OFYOSVw74-zUK4N-AFtVa91oPxkr7BG4iDfDYFIexFi90ZN5cxstFZOQLK7Ee0gzvH5jtE3b8IveqOHRWIlZrvtzX23tS9u8_LY3I2UEzKZMB8m1KwdIg3mHhtaf%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fshavlik40.rssing.com%2F$0;xdt=1;crlt=(6_Q!)1KY);cmpl=8;gcsr=a;osda=2;sttr=193;prcl=s
Frame ID: 1240DAE87FDCE44E58FFB9A4A164B68B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: B0F60BA30378B16312F040DED5C10C99
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 0381B3ACBD9776FB6D2FD49D83C79A02
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Frame ID: 5BB5F74DA15BB82AC304B6CE2457537E
Requests: 4 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html?gdpr=1&gdpr_consent=
Frame ID: 3A67AE0606C309B31FAB40AB935E6403
Requests: 1 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3503&dcid=6&iscname=false&cname=
Frame ID: BCAE8E2F8A9FB372A0340A71E140537D
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C9D77BFFC4BE5C681ED68E7F5870A185
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=601760
Frame ID: 79669D8EB145DF655ED34FDD25B48AEE
Requests: 4 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: AD9FBDE4140BF6A09FAC075D250C1A28
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 8315FBB86D7748CD351AD0F040CA6EE3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 02673A9A7A20556E9E00BD6AE797D6D7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 35CFAF718CB7C31F9B1B034F5EBD7292
Requests: 14 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD
Frame ID: 9BB236500E8D0A2460E902E44462E8C8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=218593125325017322
Frame ID: 5DC5BD5754A9C172C3714F1808C97A83
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 1F76ED9913C536752AB882FC8BE427B7
Requests: 1 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD
Frame ID: 34437CEF2BC3E595F8353D9F6C5123BA
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Frame ID: C48986DF5116B80CAEFA32A3D7A4BC49
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 0488F2437480F35DADFB6F7FE51B3107
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 65768D58ED28C976BF97B0EC941F9FBA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 0DAD197C66233D539159C89719C24B09
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D090d7dee2996ec37%26uid%3D
Frame ID: 18344ACD5216DA7830DBF1A513B0E9C9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 82EE9521986E14E8EA801B788C58969E
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D090d7dee2996ec37%26uid%3D
Frame ID: 4859A14A36E98F5152174FC74BCF049E
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361&cmp=0
Frame ID: 571C985EEC85F118D0080FFED97B0B38
Requests: 30 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 59A08D243A8BE01607B9DBD56A0982E8
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: E5FC32113EBF702E33E688708FEC265C
Requests: 9 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AApEFvWppQceSuVc
Frame ID: 5FA52F3B19A26B6150C1000CE0A966C0
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: C5F5F8D359AE5E9D13B51A0EE082D739
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: DD354E3667194D3E73F266F7527C7B40
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: D803BF6ADADD665992881439BADFE40B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: C50E17AB8C815EAF6FF7D982B0F024B9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Frame ID: 2E32F192BA0B0C255EBAEC8F76C687F3
Requests: 3 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=261571684/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Frame ID: 4CFE2C79ABC79F5A53217B5228EEB44B
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://shavlik40.rssing.com/ HTTP 301
    https://shavlik40.rssing.com/ HTTP 301
    https://shavlik40.rssing.com/index.php HTTP 301
    https://shavlik40.rssing.com/chan-21784001/index-latest.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

568
Requests

100 %
HTTPS

31 %
IPv6

134
Domains

197
Subdomains

141
IPs

16
Countries

10483 kB
Transfer

15920 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shavlik40.rssing.com/ HTTP 301
    https://shavlik40.rssing.com/ HTTP 301
    https://shavlik40.rssing.com/index.php HTTP 301
    https://shavlik40.rssing.com/chan-21784001/index-latest.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://static1.businessinsider.com/image/5072f395eab8ea266900001e-400-299/lamborghini-logo.jpg HTTP 301
  • https://i.insider.com/5072f395eab8ea266900001e?width=400
Request Chain 33
  • https://static1.businessinsider.com/image/570e8e62dd089569448b4627-2666-2000/astronauts%20on%20iss.jpg HTTP 301
  • https://i.insider.com/570e8e62dd089569448b4627?width=2666
Request Chain 74
  • https://community.shavlik.com//beacon?t=1547834097374 HTTP 301
  • https://community.shavlik.com/redirect.aspx?url=https://forums.ivanti.com
Request Chain 116
  • https://ads.us.e-planning.net/hb/1/2c995/1/shavlik40.rssing.com/ROS?rnd=0.492194697911404&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/shavlik40.rssing.com/ROS?ct=1&rnd=0.492194697911404&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&gdpr=1&gdprcs=
Request Chain 121
  • https://ads.us.e-planning.net/hb/1/2c995/1/shavlik40.rssing.com/ROS?rnd=0.492194697911404&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/shavlik40.rssing.com/ROS?ct=1&rnd=0.492194697911404&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&gdpr=1&gdprcs=
Request Chain 141
  • https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2203/620-446/Bulletin.PNG HTTP 301
  • https://community.shavlik.com/redirect.aspx?url=https://forums.ivanti.com
Request Chain 148
  • https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2206/620-499/Targeting.PNG HTTP 301
  • https://community.shavlik.com/redirect.aspx?url=https://forums.ivanti.com
Request Chain 153
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D26a19ecf100f6a11 HTTP 302
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=26a19ecf100f6a11&uid=020000009B41C3600F16BE7002205910
Request Chain 154
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D26a19ecf100f6a11%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D26a19ecf100f6a11%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=26a19ecf100f6a11&uid=921a2564ea3e6b106eb80d1b
Request Chain 155
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3175432216 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3175432216 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e0e65c91-f285-4edd-b20a-05a825954a3b HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-504e2e31-51fa-493d-8792-f6d049bde754-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-504e2e31-51fa-493d-8792-f6d049bde754-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-504e2e31-51fa-493d-8792-f6d049bde754-003&dc=1079cc634ca638f8&iss=1
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEEINK1vSyjnv72JysVWay98&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Request Chain 160
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De7fe879a-9f67-4049-75b6-f349e0fe4f22%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De7fe879a-9f67-4049-75b6-f349e0fe4f22%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=c0a7c9d4-2887-4df3-abf7-109610cb2cec&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Request Chain 162
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De7fe879a-9f67-4049-75b6-f349e0fe4f22%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De7fe879a-9f67-4049-75b6-f349e0fe4f22%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=e0e65c91-f285-4edd-b20a-05a825954a3b&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Request Chain 166
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f0a7b541-4427-4467-b74d-eb4bb1f4ead2&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 167
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6cf49440-70c5-4c60-7d76-081d4166477b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De7fe879a-9f67-4049-75b6-f349e0fe4f22%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6cf49440-70c5-4c60-7d76-081d4166477b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De7fe879a-9f67-4049-75b6-f349e0fe4f22%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=26683112261451962451255180073320464952&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Request Chain 169
  • https://bn01.er.bemail.it/zeotap.php?_bid=6cf49440-70c5-4c60-7d76-081d4166477b&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021061112-60361-0.594190001623409076-4edbaf98b1a0de395a5e09b058948b41&zdid=533&env=mWeb
Request Chain 170
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De7fe879a-9f67-4049-75b6-f349e0fe4f22%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6972488902342277265&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Request Chain 172
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6cf49440-70c5-4c60-7d76-081d4166477b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De7fe879a-9f67-4049-75b6-f349e0fe4f22%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6cf49440-70c5-4c60-7d76-081d4166477b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De7fe879a-9f67-4049-75b6-f349e0fe4f22%26zdid%3D1361&bounce=1&random=3672871239 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=BGS2H9Ud/cjgOcTj5hUjZe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Request Chain 174
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=6cf49440-70c5-4c60-7d76-081d4166477b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=6cf49440-70c5-4c60-7d76-081d4166477b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=f66fc8df0c296c63017bcdd5d11c4974&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Request Chain 175
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-kwMcDcZE2ooUbMyQa5YWgCNCiReo5YurFg--~A&zpartnerid=570&env=mWeb
Request Chain 176
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=5tMGWk1s0awO%2Bk0rWtv4SXrC1X3eUqXx%2BS41iYitP1U%3D
Request Chain 180
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De7fe879a-9f67-4049-75b6-f349e0fe4f22%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De7fe879a-9f67-4049-75b6-f349e0fe4f22%26zdid%3D1361&_test=YMNBuAABs9i6QwA4 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMNBuAABs9i6QwA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361&_test=YMNBuAABs9i6QwA4
Request Chain 181
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De7fe879a-9f67-4049-75b6-f349e0fe4f22%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f06960c3-41b7-4900-84f1-2a9c84d390e3&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Request Chain 182
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OLLfrGwn&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=062e7137-d823-4611-68dc-7e4c637a8161
Request Chain 183
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6cf49440-70c5-4c60-7d76-081d4166477b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6cf49440-70c5-4c60-7d76-081d4166477b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361&dcc=t
Request Chain 184
  • https://tags.bluekai.com/site/87734?id=6cf49440-70c5-4c60-7d76-081d4166477b&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEP--lo7Igk1LwQfbYtVnRNo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Request Chain 189
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Dab36938c-adcb-46b6-7bf9-7ca0a39ceb2b%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Dab36938c-adcb-46b6-7bf9-7ca0a39ceb2b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=c0a7c9d4-2887-4df3-abf7-109610cb2cec&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Request Chain 191
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Dab36938c-adcb-46b6-7bf9-7ca0a39ceb2b%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Dab36938c-adcb-46b6-7bf9-7ca0a39ceb2b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=e0e65c91-f285-4edd-b20a-05a825954a3b&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Request Chain 195
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f0a7b541-4427-4467-b74d-eb4bb1f4ead2&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 196
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=8aad5ec6-0351-4905-6784-b2cece3d271e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Dab36938c-adcb-46b6-7bf9-7ca0a39ceb2b%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=8aad5ec6-0351-4905-6784-b2cece3d271e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Dab36938c-adcb-46b6-7bf9-7ca0a39ceb2b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=26683112261451962451255180073320464952&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Request Chain 198
  • https://bn01.er.bemail.it/zeotap.php?_bid=8aad5ec6-0351-4905-6784-b2cece3d271e&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021061112-60843-0.599349001623409076-242d46f0db3f01d9ed4d297b140f916d&zdid=533&env=mWeb
Request Chain 199
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Dab36938c-adcb-46b6-7bf9-7ca0a39ceb2b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6972488902342998155&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Request Chain 201
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=8aad5ec6-0351-4905-6784-b2cece3d271e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Dab36938c-adcb-46b6-7bf9-7ca0a39ceb2b%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=8aad5ec6-0351-4905-6784-b2cece3d271e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Dab36938c-adcb-46b6-7bf9-7ca0a39ceb2b%26zdid%3D1361&bounce=1&random=3660408727 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=BGS2H9Ud/cjgOcTj5hUjZe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Request Chain 203
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=8aad5ec6-0351-4905-6784-b2cece3d271e?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=8aad5ec6-0351-4905-6784-b2cece3d271e?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=f66fc8df0c296c63017bcdd5d11c4974&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Request Chain 204
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-KqBAar9E2oqaA7uHymRoH9xv1Dz1j8jeoQ--~A&zpartnerid=570&env=mWeb
Request Chain 205
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Dd%2FjD8%2ByH9wO%2Bk0rWtv4Sf8PirGD5Hb%2F%2BS41iYitP1U%3D
Request Chain 209
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Dab36938c-adcb-46b6-7bf9-7ca0a39ceb2b%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Dab36938c-adcb-46b6-7bf9-7ca0a39ceb2b%26zdid%3D1361&_test=YMNBuAABeUwAkgBg HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMNBuAABeUwAkgBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361&_test=YMNBuAABeUwAkgBg
Request Chain 210
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Dab36938c-adcb-46b6-7bf9-7ca0a39ceb2b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=c31060c3-41b7-4d00-84cd-c4a1594cf8c8&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Request Chain 211
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OLLfrGwn&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2c173c83-5fe4-42a2-6ee3-f91bc1c26124
Request Chain 212
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=8aad5ec6-0351-4905-6784-b2cece3d271e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=8aad5ec6-0351-4905-6784-b2cece3d271e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361&dcc=t
Request Chain 213
  • https://tags.bluekai.com/site/87734?id=8aad5ec6-0351-4905-6784-b2cece3d271e&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 218
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=199231267590944042
Request Chain 219
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
Request Chain 220
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-945ae32a-664b-4cc0-afa0-3630664c1e40
Request Chain 221
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5115196821678101337
Request Chain 222
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1344508669877963302
Request Chain 224
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=e6e63064-bed4-4d1b-a363-ca787facc32d
Request Chain 225
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=921a2564ea3e6b106eb80d1b
Request Chain 226
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-eY5.uLRE2uGoiCvVmFz02iVxjAlvFONc_RTFAyg-~A
Request Chain 227
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f9b90fea-9493-51a2-b83e-1574d8fd54ce
Request Chain 228
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPe34853b9-caa3-11eb-b120-02c6b318607c HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPe34853b9-caa3-11eb-b120-02c6b318607c
Request Chain 229
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 234
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=555895650047099374
Request Chain 235
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=cf67773c-da01-4518-b4e5-c08c73214ceb
Request Chain 236
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=921a2564ea3e6b106eb80d1b
Request Chain 237
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Gv5Px75E2uFcRTERugbS1ggG0b641ASI1kiMdqs-~A
Request Chain 238
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f9b90fea-9493-51a2-b83e-1574d8fd54ce
Request Chain 239
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPe3482cbc-caa3-11eb-91b9-06d326095278 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPe3482cbc-caa3-11eb-91b9-06d326095278
Request Chain 240
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
Request Chain 241
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-4cd336af-9533-4117-a5d4-900cd2a3e460
Request Chain 242
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7998093916123561199
Request Chain 243
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=3837297055171137116
Request Chain 245
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 251
  • https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2208/620-461/Validate.PNG HTTP 301
  • https://community.shavlik.com/redirect.aspx?url=https://forums.ivanti.com
Request Chain 252
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMNBuNfOSI6K4ot0PBE_8gAABIEAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMNBuNfOSI6K4ot0PBE_8gAABIEAAAIB&dcc=t
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMNBuNfOSI6K4ot0PBE_8gAABIEAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEwmz1XcIjHbQuiANrPh3J0&google_cver=1
Request Chain 255
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMNBuNfOSI6K4ot0PBE-8gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPBmweauThsgLhQI392LwI0&google_cver=1&gdpr=1
Request Chain 256
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=30a9113c-3a99-4ba6-82ae-3889ac99db40
Request Chain 257
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=436B45482C804B89A0EBA0DF250715BC&gdpr=1
Request Chain 258
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMNBuNfOSI6K4ot0PBE-8gAA%261153?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMNBuNfOSI6K4ot0PBE-8gAA%261153?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 259
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1626001081
Request Chain 261
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMNBuNfOSI6K4ot0PBE-8QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPBmweauThsgLhQI392LwI0&google_cver=1&gdpr=1
Request Chain 262
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMNBuNfOSI6K4ot0PBE_8QAABFQAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMNBuNfOSI6K4ot0PBE_8QAABFQAAAAB&dcc=t
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMNBuNfOSI6K4ot0PBE_8QAABFQAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEwmz1XcIjHbQuiANrPh3J0&google_cver=1
Request Chain 266
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471595839025109 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471595839025109&C=1
Request Chain 267
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=79e98638-b70f-4a02-b0f3-8875d332e6bd&expiration=1654945081
Request Chain 268
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 358
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
Request Chain 359
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMNBv.2XmrGtM5QtPEJqPQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
Request Chain 361
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
Request Chain 363
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMNBv.2XmrGtM5QtPEJqPQAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YMNBv.2XmrGtM5QtPEJqPQAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBCZLWx4ASzUoyvUUYupHq8&google_cver=1&google_hm=2
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
Request Chain 365
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
Request Chain 366
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
Request Chain 367
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMNBv.2XmrGtM5QtPEJqPQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
Request Chain 369
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxMzM4NjE4NzA2ODgzMDIyMA%3D%3D
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
Request Chain 371
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMNBv.2XmrGtM5QtPEJqPQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
Request Chain 372
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
Request Chain 373
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
Request Chain 374
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
Request Chain 375
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMNBv.2XmrGtM5QtPEJqPQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
Request Chain 376
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
Request Chain 377
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
Request Chain 406
  • https://pixel.adsafeprotected.com/rfw/st/695971/54149685/skeleton.js?adsafe_url=https%3A%2F%2Fshavlik40.rssing.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:dfeaddd4-b474-7725-27dc-278ae130c8ff,c:fejpAT,sl:na,em:true,fr:false,mn:app27ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1,nbld:0,fm:sA1t5xM+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C1951%7C1a1%7C1a2%7C1a3%7C1a41%7C1a5%7C1b*.695971-54149685%7C1b1%7C1b21%7C1b3%7C1c1%7C1c21%7C1d1%7C1d2%7C1d3%7C1e1%7C1e21%7C1e3%7C1f1%7C1f21%7C1g,idMap:1b*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:338,oid:e73370d5-caa3-11eb-babb-02617d9e854e,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 408
  • https://pixel.adsafeprotected.com/rfw/st/695971/54149679/skeleton.js?adsafe_url=https%3A%2F%2Fshavlik40.rssing.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:66f77006-f994-5bcf-bb11-eb3a2bb36876,c:fejpBw,sl:na,em:true,fr:false,mn:app10ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1,nbld:0,fm:sA1t5yk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C1951%7C1a1%7C1a2%7C1a3%7C1a41%7C1a5%7C1b1%7C1b21%7C1b3%7C1b4%7C1c1%7C1c21%7C1d1%7C1d2%7C1d3%7C1e*.695971-54149679%7C1e1%7C1e21%7C1e3%7C1f1%7C1f21%7C1g,idMap:1e*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:342,oid:e733702c-caa3-11eb-b94a-0634eb268b40,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 437
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1b8421ed-5703-4197-9554-e2f4b81529db
Request Chain 438
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=402987595176389845
Request Chain 439
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=145c60f217234705
Request Chain 445
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD
Request Chain 446
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=218593125325017322
Request Chain 449
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ooWVb5-NS5C_CtDUsF1OrQ%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ooWVb5-NS5C_CtDUsF1OrQ%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 450
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a0bd60c3-41c2-4800-8c9a-97133e09889a
Request Chain 451
  • https://pixel.onaudience.com/?partner=214&mapped=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=c3ce3629d3af43b1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=43f210c5-f10e-4a50-4219-13964541bd9c&zcluid=c3ce3629d3af43b1&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEIwshdqkRVkXY-Cd93w5PAM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=43f210c5-f10e-4a50-4219-13964541bd9c&zcluid=c3ce3629d3af43b1&zdid=1332
Request Chain 452
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTI4NTk1NkYtOUY4RC00QjkwLUJGMEEtRDBENEIwNUQ0RUFE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTI4NTk1NkYtOUY4RC00QjkwLUJGMEEtRDBENEIwNUQ0RUFE&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 453
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOuqW1w77ugs_074AgiGpeQ&google_cver=1
Request Chain 455
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:24b460c3-41c2-4e00-a917-38fd4e0682da&gdpr=0&gdpr_consent=
Request Chain 456
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9039414705836210164
Request Chain 457
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6f103a9e-7a78-460e-88cb-89c62cdec4a8
Request Chain 458
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8229070390064693533&gdpr=0&gdpr_consent=
Request Chain 460
  • https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D HTTP 302
  • https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=fdXEeAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9FcDjTH8 HTTP 302
  • https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=8229070390064693533&mpk=fdXEeAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9FcDjTH8 HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=8229070390064693533
Request Chain 464
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Request Chain 468
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D090d7dee2996ec37 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=090d7dee2996ec37
Request Chain 469
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1932381939 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/6f103a9e-7a78-460e-88cb-89c62cdec4a8 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3b997203-8933-416c-990c-de63b4816cfa-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-3b997203-8933-416c-990c-de63b4816cfa-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-3b997203-8933-416c-990c-de63b4816cfa-003&dc=1079cc634ca638f8&iss=1
Request Chain 473
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D090d7dee2996ec37%26uid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D090d7dee2996ec37%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=090d7dee2996ec37&uid=adf72298-7c45-4bc4-82c7-044e54b0019b
Request Chain 477
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D090d7dee2996ec37 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 478
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D090d7dee2996ec37%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=090d7dee2996ec37&uid=8229070390064693533
Request Chain 480
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-B.U78O9E2uHLC6JOBdulOzSKC33qEw7mWYe0rCE-~A
Request Chain 481
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D090d7dee2996ec37%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=090d7dee2996ec37&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
Request Chain 482
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D090d7dee2996ec37 HTTP 302
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=090d7dee2996ec37&uid=02000000A841C3600F16BE7002D86210
Request Chain 484
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 492
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4591154937601951063
Request Chain 493
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=24b460c3-41c2-4e00-a917-38fd4e0682da&gdpr=1&gdpr_consent=
Request Chain 495
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 497
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6766954921974532426&uid=Q6766954921974532426&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 498
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMNBv9L1w5WVmz.gj9C4lQAA%261152?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMNBv9L1w5WVmz.gj9C4lQAA%261152?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 501
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c21c3f8-921f-4e24-661f-7a85a59525da%26reqId%3Db0ce69f9-92aa-4de9-4248-5857fe0a8f88%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c21c3f8-921f-4e24-661f-7a85a59525da%26reqId%3Db0ce69f9-92aa-4de9-4248-5857fe0a8f88%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=b66880fd-ef5d-44f8-b867-6143d29b66ca&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Request Chain 503
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c21c3f8-921f-4e24-661f-7a85a59525da%26reqId%3Db0ce69f9-92aa-4de9-4248-5857fe0a8f88%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6f103a9e-7a78-460e-88cb-89c62cdec4a8&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Request Chain 507
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=df9fbac4-d3e4-4740-a6bc-3d74dd448bff&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 508
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=0c21c3f8-921f-4e24-661f-7a85a59525da&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c21c3f8-921f-4e24-661f-7a85a59525da%26reqId%3Db0ce69f9-92aa-4de9-4248-5857fe0a8f88%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=0c21c3f8-921f-4e24-661f-7a85a59525da&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c21c3f8-921f-4e24-661f-7a85a59525da%26reqId%3Db0ce69f9-92aa-4de9-4248-5857fe0a8f88%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=80997594525138464520344867847548925475&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Request Chain 510
  • https://bn01.er.bemail.it/zeotap.php?_bid=0c21c3f8-921f-4e24-661f-7a85a59525da&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021061112-82529-0.512805001623409089-949862dba654f642546109f4a10ed56c&zdid=533&env=mWeb
Request Chain 511
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c21c3f8-921f-4e24-661f-7a85a59525da%26reqId%3Db0ce69f9-92aa-4de9-4248-5857fe0a8f88%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6972488958174427275&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Request Chain 513
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0c21c3f8-921f-4e24-661f-7a85a59525da&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c21c3f8-921f-4e24-661f-7a85a59525da%26reqId%3Db0ce69f9-92aa-4de9-4248-5857fe0a8f88%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0c21c3f8-921f-4e24-661f-7a85a59525da&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c21c3f8-921f-4e24-661f-7a85a59525da%26reqId%3Db0ce69f9-92aa-4de9-4248-5857fe0a8f88%26zdid%3D1361&bounce=1&random=2446773519 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=FwcLJBupu5uGwJUct.P7M.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Request Chain 515
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=0c21c3f8-921f-4e24-661f-7a85a59525da?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=f66fc8df0c296c63017bcdd5d11c4974&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Request Chain 516
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-Xlq8TuZE2ooFyEUTgOy140hPOcWuw0EnRw--~A&zpartnerid=570&env=mWeb
Request Chain 517
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=QyOBNt78EX0O%2Bk0rWtv4SU5eIZTq1JBS%2BS41iYitP1U%3D
Request Chain 521
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c21c3f8-921f-4e24-661f-7a85a59525da%26reqId%3Db0ce69f9-92aa-4de9-4248-5857fe0a8f88%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c21c3f8-921f-4e24-661f-7a85a59525da%26reqId%3Db0ce69f9-92aa-4de9-4248-5857fe0a8f88%26zdid%3D1361&_test=YMNBxAABs9ZHiwA4 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMNBxAABs9ZHiwA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361&_test=YMNBxAABs9ZHiwA4
Request Chain 522
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c21c3f8-921f-4e24-661f-7a85a59525da%26reqId%3Db0ce69f9-92aa-4de9-4248-5857fe0a8f88%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=24b460c3-41c2-4e00-a917-38fd4e0682da&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Request Chain 523
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Request Chain 524
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0c21c3f8-921f-4e24-661f-7a85a59525da&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0c21c3f8-921f-4e24-661f-7a85a59525da&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361&dcc=t
Request Chain 525
  • https://tags.bluekai.com/site/87734?id=0c21c3f8-921f-4e24-661f-7a85a59525da&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 534
  • https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AApEFvWppQceSuVc
Request Chain 536
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8229070390064693533
Request Chain 537
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=c531742f-5f83-51a2-a701-3784c7c27640
Request Chain 538
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8229070390064693533
Request Chain 539
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8229070390064693533
Request Chain 540
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
Request Chain 542
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-B.U78O9E2uHLC6JOBdulOzSKC33qEw7mWYe0rCE-~A
Request Chain 548
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623495492&gdpr=1
Request Chain 549
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A2B5B46AED9243C4A25F811AC9CAE2CB&gdpr=1
Request Chain 551
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1626001092
Request Chain 562
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5264230086538298273 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent=
Request Chain 563
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent=
Request Chain 564
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm=&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent=&google_gid=CAESENPFSiTBxOXKxr0q09qm6MM&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 565
  • https://bcp.crwdcntrl.net/5/c=15238/rand=261571684/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=261571684/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Request Chain 566
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YMNBxwABtBlvnAA4 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YMNBxwABtBlvnAA4&_test=YMNBxwABtBlvnAA4
Request Chain 568
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=f66fc8df0c296c63017bcdd5d11c4974&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=f66fc8df0c296c63017bcdd5d11c4974&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=71107582387503281020218287848111741858
Request Chain 570
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=22b460c3-41c7-4c00-863d-cdfeea4f2513
Request Chain 571
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/f66fc8df0c296c63017bcdd5d11c4974/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4299772072640709599

568 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index-latest.php
shavlik40.rssing.com/chan-21784001/
Redirect Chain
  • http://shavlik40.rssing.com/
  • https://shavlik40.rssing.com/
  • https://shavlik40.rssing.com/index.php
  • https://shavlik40.rssing.com/chan-21784001/index-latest.php
151 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.150.190.192 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx/1.18.0 / PHP/7.0.25
Resource Hash
614a6f34caa2e73d99e4ce27ceb3eff43820816dd12f115770b1ce66a10e6262
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
shavlik40.rssing.com
:scheme
https
:path
/chan-21784001/index-latest.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
rl=4h4c40Iw9Q10N67B2483
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx/1.18.0
date
Fri, 11 Jun 2021 10:57:54 GMT
content-type
text/html; charset=UTF-8
content-length
23154
vary
CF-Connecting-IP,Accept-Encoding
x-powered-by
PHP/7.0.25
cache-control
max-age=0
expires
Fri, 11 Jun 2021 10:57:54 GMT
content-encoding
gzip
access-control-allow-origin
*
access-control-allow-headers
*
access-control-allow-methods
*
content-security-policy-report-only
content-security-policy
block-all-mixed-content
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff

Redirect headers

server
nginx/1.18.0
date
Fri, 11 Jun 2021 10:57:54 GMT
content-type
text/html; charset=UTF-8
content-length
0
x-powered-by
PHP/7.3.21
set-cookie
rl=4h4c40Iw9Q10N67B2483; path=/; domain=.rssing.com; HttpOnly
vary
CF-Connecting-IP,X-Nginx-Scheme
location
//shavlik40.rssing.com/chan-21784001/index-latest.php
cache-control
max-age=0
expires
Fri, 11 Jun 2021 10:57:54 GMT
access-control-allow-origin
*
access-control-allow-headers
*
access-control-allow-methods
*
content-security-policy-report-only
content-security-policy
block-all-mixed-content
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff
choice.js
quantcast.mgr.consensu.org/choice/KygWsHah2_7Qa/rssing.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/KygWsHah2_7Qa/rssing.com/choice.js
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:8a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e1fb30bf5acb29621012b6283f7c3398c2ded7ac4adcc1d41eaaef6244a931dd

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 11 Jun 2021 10:57:11 GMT
content-encoding
br
last-modified
Wed, 05 May 2021 19:26:43 GMT
server
AmazonS3
age
79
etag
W/"094af575d9b2683dbd248df3c027aee8"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
VIE50-C2
x-amz-cf-id
JMU6gqMYnlYlXHKN4Hhc8nwXDe3LoxtApqblVqjb5YTWyiJExtZ8rQ==
fontello.woff
www.rssing.com/inc2/fonts/Fontello/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rssing.com/inc2/fonts/Fontello/fontello.woff
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e127db06aa78d74b81800864cd6e5b2917d5836ce69ba9ec7e8f277393eac8f2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Origin
https://shavlik40.rssing.com
Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
access-control-allow-methods
*
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1841
content-security-policy-report-only
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51b96300004e566921a000000001
last-modified
Mon, 12 Dec 2016 23:20:35 GMT
server
cloudflare
etag
W/"a28-5437e59cb76c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XzOYB7cq90tArHcqlKb%2FliZba4bMlnudvns0Hi9D4TVDftH6uBmGqpoQsDvz1jvkwBgAioKk97Dou3O0zvXe1uq%2BJFB0qIRb2zbqJPGtKZ7uKD%2BqD2798u5DoSHWuhAr%2FCImROOpSJI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme,Accept-Encoding
cache-control
max-age=2592000
content-security-policy
block-all-mixed-content
cf-ray
65da523bdc494e56-FRA
access-control-allow-headers
*
expires
Sun, 11 Jul 2021 10:27:13 GMT
FontAwesome.ttf
www.rssing.com/inc2/css/icomoon/fonts/ 		12 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rssing.com/inc2/css/icomoon/fonts/FontAwesome.ttf
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d1069b3eeebfff2d32141587e8b9663c74b02a5c173e740f3bc8dcdec122f45
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Origin
https://shavlik40.rssing.com
Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1840
content-security-policy-report-only
access-control-allow-methods
*
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51b96300004e56a1002000000001
last-modified
Wed, 12 May 2021 22:43:26 GMT
server
cloudflare
etag
W/"2f48-5c229bd213b55-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8mhuud%2FItIPlWFFU8WSooRUgCpazhepU7t7tqr%2FStwEp6ctO%2F61AiYioGosryG6ETSz2winHQs8wV4IQulZMxuCY8JGjrVTtzweScPMoT0c%2FQizgkdrsu5tQvvXz%2Fa%2FgIyK43Tises0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme,Accept-Encoding
cache-control
max-age=2592000
content-security-policy
block-all-mixed-content
cf-ray
65da523bdc4c4e56-FRA
access-control-allow-headers
*
expires
Sun, 11 Jul 2021 10:27:14 GMT
prebid.js
www.rssing.com/inc2/js/ 		252 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c3622d2bd6045cc9d85820972dbc1be5838ee2b0b18dc215a726967fc3bf85
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2547757
content-security-policy-report-only
access-control-allow-methods
*
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51b99c00004e37e5abe000000001
last-modified
Sat, 20 Mar 2021 20:38:18 GMT
server
cloudflare
etag
W/"3f16b-5bdfdd0109595-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BQzvGWW3IWFBl7mNSE9%2B6K4e3aDIytTIseuHUTejAOF5l5ug5X7Y2OhbVZdn41VPbmkBLoFDtul9EdYuVY1nVPHUNernDQU9kgU7dVhtKkC63nOzZ55xELtudQ9oRTJMBnQVHL%2FdmRI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme,Accept-Encoding
cache-control
max-age=2592000
content-security-policy
block-all-mixed-content
cf-ray
65da523c2ee84e37-FRA
access-control-allow-headers
*
expires
Fri, 11 Jun 2021 23:15:17 GMT
style.css
www.rssing.com/inc2/css/icomoon/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rssing.com/inc2/css/icomoon/style.css?id=71
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
753ad890aa212f6b13cdcba6566985206baf5933db91bfcbe4bfd3e9ff088e03
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
43968
content-security-policy-report-only
access-control-allow-methods
*
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51b962000005c49221e000000001
last-modified
Wed, 12 May 2021 22:43:26 GMT
server
cloudflare
etag
W/"ea0-5c229bd206865-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=b9qYn6EVmabejHpHY1v5T2Z0rdAlQ9lp%2FhMe5d0IVEHSoSu3WwGyKE8HfYZQWGIcIMTC%2Bn4Egrz8llDpSvL8o4W1LthxBDRwpTd112hRu17gViWALY9lzhQ%2FXcZ4YZUI9D0zu97u4I0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme,Accept-Encoding
cache-control
max-age=2592000
content-security-policy
block-all-mixed-content
cf-ray
65da523bcb3a05c4-FRA
access-control-allow-headers
*
expires
Sat, 10 Jul 2021 22:45:06 GMT
all.css
www.rssing.com/inc2/css/ 		221 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rssing.com/inc2/css/all.css?id=71
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8575558889eeb30c57d89526429a6b21b10fa4398d5a9970bad24f51278d0bd0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
43968
content-security-policy-report-only
access-control-allow-methods
*
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51b963000005c4b6bf6000000001
last-modified
Thu, 10 Jun 2021 22:44:34 GMT
server
cloudflare
etag
W/"373ee-5c47122a1b4d9-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Euc%2FetRCPKGNoonAE%2BbL8QR8gsN3TK9nFYB7bV9YipfSFKWXLdgSDNneR8V2kycqhfmm1vfHXdEckgYeHlwqM17KOkbjNMyARE2mxqhiV%2F1FSdwQkhd6oUH7SFTTSoP5q4g2y6gqn9o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme,Accept-Encoding
cache-control
max-age=2592000
content-security-policy
block-all-mixed-content
cf-ray
65da523bdb3e05c4-FRA
access-control-allow-headers
*
expires
Sat, 10 Jul 2021 22:45:06 GMT
css
fonts.googleapis.com/ 		3 KB
685 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9b07f182a7010f77ebe9f05d09268aa07ffb435f4f6b15e37c442c49e01a60b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 11 Jun 2021 09:27:00 GMT
server
ESF
date
Fri, 11 Jun 2021 10:57:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Jun 2021 10:57:54 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
ffb6273334bf458133e8750475a0984a7360b978b996b611ac559c6a569e1863
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"899 / 461 of 1000 / last-modified: 1623404399"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21444
x-xss-protection
0
expires
Fri, 11 Jun 2021 10:57:54 GMT
/
services.vlitag.com/adv1/ 		932 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=0f8e9718699fbe484d62023a1d28b989
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f19bfde9b538d1a1e4237a205dd3824d1db759a82492e442581fa9bf5aa39cef
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51b9a900003248fb0f7000000001
pragma
no-cache
last-modified
Fri, 11 Jun 2021 10:57:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PDjs9fIjRbNM%2FxSvCWAmTOPvsdtPhUr%2FzYUd%2F%2FZ%2F5FU1%2FRS%2BJI85%2Fx4Z7Uh8NSjsovBVG%2F84NTU%2FCiXez57bZWnpTc7e0BfZoZgx%2FfTT%2BbgnRj7%2BFQN2q%2BqRr3AEoivzwCt63AT5ClZGt2cs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
65da523c4ff23248-FRA
expires
on, 01 Jan 1970 00:00:00 GMT
/
d.smopy.com/d/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d.smopy.com/d/?resource=pubJS
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.153.42.225 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
Software
nginx / Express
Resource Hash

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:57:55 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
Express
ETag
W/"b-cEN6MKefADJ1aAV2WmWqUtBSgdI"
Content-Length
11
Content-Type
text/html; charset=utf-8
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-17602094-1
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8427f3e98880f327b7c58593f43e056df760e2cb7c5fe5d8d4601d36e85ebe5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36078
x-xss-protection
0
last-modified
Fri, 11 Jun 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Jun 2021 10:57:54 GMT
star_full.png
www.rssing.com/inc2/img/ 		950 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rssing.com/inc2/img/star_full.png
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db9817aad542983eb70b0f371cad4a37b48250d7de76938b88c6047f28c8b8c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
access-control-allow-methods
*
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2547779
content-security-policy-report-only
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
950
cf-request-id
0a9c51b99c00004e3722996000000001
last-modified
Thu, 23 Apr 2020 16:42:30 GMT
server
cloudflare
etag
"3b6-5a3f7ef43c980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=m5eYjKMHNEphoLOfPJ1%2BkZArcbpp%2FsnEZAuHlh%2Fc%2BUTT7b6KkEdOLB7Ge%2B642Zh4V4YRBqF%2BINQYqFe%2FvcPGB%2BjCEvECQm6sLwUCz5ENk1pDjhxqtBrJCOhd3gfcGXZSb7psXcEVPkA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme, Accept-Encoding
cache-control
max-age=2592000
content-security-policy
block-all-mixed-content
accept-ranges
bytes
cf-ray
65da523c2ee44e37-FRA
access-control-allow-headers
*
expires
Fri, 11 Jun 2021 23:14:55 GMT
tsbtn.png
www.rssing.com/inc2/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rssing.com/inc2/img/tsbtn.png
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def71a10ebaddc43aa9404a5071b8580f023260ec128cf97a20eb86990fa038e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
access-control-allow-methods
*
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2547779
content-security-policy-report-only
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3790
cf-request-id
0a9c51b99c00004e371ebd2000000001
last-modified
Thu, 23 Apr 2020 16:42:30 GMT
server
cloudflare
etag
"ece-5a3f7ef43c980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4RU2doNaIadIIcGcNp023yA9AKZG4EBMM4Iho%2BR7rkFxW9NRqKy7B5SeNm5bcrRYF4vrfLVN6d3KJj9%2FqKVBkKAAG%2FTylP8SKQ5xcbnkkRRNGeTNtACPUT7CqAHPcE%2FUOWa0G8OTfJE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme, Accept-Encoding
cache-control
max-age=2592000
content-security-policy
block-all-mixed-content
accept-ranges
bytes
cf-ray
65da523c2eea4e37-FRA
access-control-allow-headers
*
expires
Fri, 11 Jun 2021 23:14:55 GMT
matult.jpg
www.rssing.com/inc2/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rssing.com/inc2/img/matult.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
968106bd5e3b070fea7365377dc7494ff8de7c44524defc0e8e91de7e2280e28
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
access-control-allow-methods
*
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2547779
content-security-policy-report-only
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1237
cf-request-id
0a9c51b99d00004e37e19af000000001
last-modified
Thu, 23 Apr 2020 16:42:29 GMT
server
cloudflare
etag
"4d5-5a3f7ef348740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YdOjSDk65d3NWL6I3VOT2fEoX%2B9MBml6q4l8tgn4bVczo1k%2BAv8rT4wxoV3gBmfwwP%2Bx7w2X3om79GXrGzhk3DEKpnlLpEEGdTl2NkkinxGgZsmx0y6t%2FakuuQG9hChOGd7t219T9wc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme, Accept-Encoding
cache-control
max-age=2592000
content-security-policy
block-all-mixed-content
accept-ranges
bytes
cf-ray
65da523c2eeb4e37-FRA
access-control-allow-headers
*
expires
Fri, 11 Jun 2021 23:14:55 GMT
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/KygWsHah2_7Qa/rssing.com/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
content-encoding
gzip
etag
"WhyxmPkT7L77qVDcrjxwGw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Fri, 18 Jun 2021 10:57:54 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		234 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=rssing.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/KygWsHah2_7Qa/rssing.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:8a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ddef05ee7b0caa6fd9be281a5b4e53ada42bff7814578d748144f2f9181e476

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:28 GMT
content-encoding
br
age
26
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 13 May 2021 19:03:54 GMT
server
AmazonS3
etag
W/"2848b39634e3b71d7b4f01531f83807a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
VIE50-C2
x-amz-cf-id
mfO4fuLEsIgesNmLKUh_x0Tw6qHzle8qUeC1KWqwqYyTPHzNEij36A==
infinity.js.aspx
cdn.engine.4dsply.com/Scripts/ 		179 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=e09c99be-cd96-4474-96cf-c961092fabe6
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
54e4cf5a14a346ff78681451ad4d15c99bf095e2819236dcd4eba1c1129f1e21

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
content-encoding
gzip
cf-cache-status
HIT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
age
19
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
cache-control
public, no-transform, max-age=900
cf-ray
65da523c5adac2ea-FRA
content-type
application/x-javascript; charset=utf-8
cf-request-id
0a9c51b9b60000c2ea9f14f000000001
symphony.webp
www.rssing.com/inc2/img/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rssing.com/inc2/img/symphony.webp
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/css/all.css?id=71
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d3d886350d9dd9c1a9796ad7b04c892f77288f5d338cc6a513ed5edd9c22265
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rssing.com/inc2/css/all.css?id=71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
access-control-allow-methods
*
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
128520
content-security-policy-report-only
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51b99c00004e3741248000000001
last-modified
Sun, 31 May 2020 14:47:38 GMT
server
cloudflare
etag
W/"4c06-5a6f2c27d74ad-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=N3SMulww3AUa6bApwbsNEsNzefqWgdy50E7vGJC0vgWkFOGbLAeI15F%2FHXZHsmnDm%2FSG1QoTDz19pv7lqWm9ddfem4Eufy1YSjYYke%2FfNKKa3Ku7hnlJmre7LcmS0epGoTuCMt8%2B%2FPM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme,Accept-Encoding
cache-control
max-age=172800
content-security-policy
block-all-mixed-content
cf-ray
65da523c2ee74e37-FRA
access-control-allow-headers
*
expires
Fri, 11 Jun 2021 23:15:54 GMT
FontAwesome.ttf
www.rssing.com/inc2/css/icomoon/fonts/ 		12 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rssing.com/inc2/css/icomoon/fonts/FontAwesome.ttf?sq29h3
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/css/icomoon/style.css?id=71
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d1069b3eeebfff2d32141587e8b9663c74b02a5c173e740f3bc8dcdec122f45
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Origin
https://shavlik40.rssing.com
Referer
https://www.rssing.com/inc2/css/icomoon/style.css?id=71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1840
content-security-policy-report-only
access-control-allow-methods
*
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51b9a800004dfa3b2ed000000001
last-modified
Wed, 12 May 2021 22:43:26 GMT
server
cloudflare
etag
W/"2f48-5c229bd213b55-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aah8m2y1%2FniuA9tKOHykwPMoF81t6k0CroedJtldBkLPpnxNqYjqr%2F2Zlnc%2BDxAVBRTwdAGxjdOMGN7VdzzMb8gxJXx7B99elxuX4zjy8VyFuoHBztnJkMcdvssdERlTuWmuV8sl%2FEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme,Accept-Encoding
cache-control
max-age=2592000
content-security-policy
block-all-mixed-content
cf-ray
65da523c3b3f4dfa-FRA
access-control-allow-headers
*
expires
Sun, 11 Jul 2021 10:27:14 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shavlik40.rssing.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 11:22:40 GMT
x-content-type-options
nosniff
age
257714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 11:22:40 GMT
2714110.jpg
en.metal-tracker.com//cache_images/index/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.metal-tracker.com//cache_images/index/2714110.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
188.120.240.253 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
metal-tracker.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f7acfa410a7369f69bcb885968b0729da769fec20822d8bdd75720be4271538f

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:57:54 GMT
Last-Modified
Thu, 03 Oct 2019 12:30:54 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5d95e9fe-1e1b"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7707
Expires
Fri, 18 Jun 2021 10:57:54 GMT
5072f395eab8ea266900001e
i.insider.com/
Redirect Chain
  • https://static1.businessinsider.com/image/5072f395eab8ea266900001e-400-299/lamborghini-logo.jpg
  • https://i.insider.com/5072f395eab8ea266900001e?width=400
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.insider.com/5072f395eab8ea266900001e?width=400
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
802b1e63831a896291891a7bae00b8a3d233bb38c9f5a4610f3abeecfbcc7297

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
via
1.1 varnish, 1.1 varnish
age
63723
x-cache
HIT, HIT
fastly-io-info
ifsz=30144 idim=909x681 ifmt=jpeg ofsz=6940 odim=400x300 ofmt=webp
fastly-stats
io=1
content-length
6940
x-amz-id-2
nE7ouQQ999kZoJALGjGX7CeyvRQOJVpE53PlcCnVNy+OwjZFIWB25IF06a51YJmcJY9ZMjHNDpQ=
x-served-by
cache-bwi5125-BWI, cache-hhn4052-HHN
server
AmazonS3
x-timer
S1623409075.763814,VS0,VE0
etag
"91Hniej8a0DYk/RySm+peN6dtg8Dy3Xvi0RX/QKJFaQ"
vary
Accept
x-amz-request-id
X57ND86R0W955WW5
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
content-type
image/webp
x-cache-hits
2, 36

Redirect headers

date
Fri, 11 Jun 2021 10:57:54 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623409075.672876,VS0,VE0
x-served-by
cache-muc13948-MUC
x-cache
HIT
location
https://i.insider.com/5072f395eab8ea266900001e?width=400
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
linker.JPG
e2e.ti.com//resized-image/__size/1230x0/__key/communityserver-discussions-components-files/112/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e2e.ti.com//resized-image/__size/1230x0/__key/communityserver-discussions-components-files/112/linker.JPG
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::b48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
093cf6102b371798506f9f2bfbcdcb9eb4622bb709ec60a2c3ebb7007167220a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self';
X-Content-Type-Options
nosniff
X-ASPNET-VERSION
Content-Disposition
inline; filename=linker.JPG-1230x0.jpg
Connection
keep-alive
Content-Length
82849
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
X-Telligent-Evolution
11.x
Last-Modified
Mon, 01 Apr 2019 10:55:50 GMT
Server
Date
Fri, 11 Jun 2021 10:57:54 GMT
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
private
Accept-Ranges
bytes
Expires
Thu, 17 Jun 2021 08:02:16 GMT
Pink_Transparent_Frame_with_Butterflies.png
gallery.yopriceville.com/var/resizes/Frames/ 		305 KB
306 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gallery.yopriceville.com/var/resizes/Frames/Pink_Transparent_Frame_with_Butterflies.png?m=1358769653
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.25.213.73 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
gallery.yopriceville.com
Software
nginx /
Resource Hash
3b85f20c9e41361bc3af9a8b329d1625b48ee4d04320c01fad645259d6b038bb

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:57:54 GMT
Last-Modified
Sun, 20 Jan 2013 23:00:00 GMT
Server
nginx
ETag
"bc0996-4c568-4d3c04dd79c00"
Content-Type
image/png
Cache-Control
max-age=2678400, no-cache, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
312680
Expires
Mon, 12 Jul 2021 10:57:54 GMT
1360963728_sem-ttulo.jpg
busyteacher.org/uploads/posts/2013-02/thumbs/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://busyteacher.org/uploads/posts/2013-02/thumbs/1360963728_sem-ttulo.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:b02d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c139af1b5fc5af7acdcff1a46649e473be03958ece51788eb0423dde4c67c013

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
9606
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
65980
cf-request-id
0a9c51b9dc00004ec2c8b3e000000001
last-modified
Thu, 11 Feb 2016 08:09:57 GMT
server
cloudflare
etag
"56bc41d5-101bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=t%2BWMMxdvGQJvrPE6EsQZcJe%2FUrX8khCbOz3H1dtOGfm%2F8dbU7vdl9%2Ft6b6R3WOsWki3aiGXMAnxwbpVWucgiRKSoD83VGVPLYjq3SZ%2BSN6wdvIpFsNliQ2CYBjdYBoR7LqhLsRZKxqof"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
65da523c9f694ec2-FRA
expires
Sun, 11 Jul 2021 08:17:40 GMT
honeys_1-343x299.jpg
www.heddels.com/wp-content/uploads/2015/12/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heddels.com/wp-content/uploads/2015/12/honeys_1-343x299.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:51f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abeace4266e8c0b95d5339bba7a58961c41fe2c7ce839c8ebe5d218b2c002f4a

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
332918
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
19612
cf-request-id
0a9c51b9e500004a988e9e9000000001
last-modified
Thu, 06 Aug 2020 03:48:35 GMT
server
cloudflare
etag
"5f2b7d93-4c9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=y75SeBk2AiJBszm%2BD0yniwXm7gAxuZ3GPtlfvLCQYILhlXPLLQTFXisVjkbMZZesRYqWuItZ2l%2FvQVhAQUwkaKzE%2BICFr2r74p%2FQftV7%2FwV4mZxRYNqlULlhfy3KGz1%2FwYizHdbG7mU2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65da523ca99c4a98-FRA
expires
Tue, 07 Jun 2022 14:29:16 GMT
carrack.jpg
media.moddb.com/cache/images/mods/1/15/14249/thumb_620x2000/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.moddb.com/cache/images/mods/1/15/14249/thumb_620x2000/carrack.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:dab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d96dd958e95fc60f46d727d3deb31d285ce300275341e178f784d084fc0c11

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
67473
cf-polished
origSize=89042
x-cache-status
HIT
content-length
82507
cf-request-id
0a9c51b9de000016f22b97d000000001
last-modified
Wed, 15 Jun 2016 04:14:13 GMT
server
cloudflare
etag
"5760d615-15bd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PZSwm4C6ogZMMqpcD%2B%2FBY3gKihiuUaznwXRZ%2B2BF6vNnmySca%2BBx%2BB1mWRCBrnEMSZlcPpK2H7raXct0HRCTeC7bLwZJHZ177ztM0lujhLcjPkSJf28HUIVeeFdTTNypvLqMXpQclCM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
65da523c98a416f2-FRA
cf-bgj
imgq:100,h2pri
turkey5.jpg
www.hrw.org/sites/default/files/multimedia_images_2015/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hrw.org/sites/default/files/multimedia_images_2015/turkey5.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b845a522a9cc2a9273fa8b9b656e6afe636905116d8df6b8f3427010f09ec4c2
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
etag
"yb+x7JilmeBv49G4hGlUSyQ3VGJfUiJOXYGRiq740c8"
age
1222887
x-pantheon-styx-hostname
styx-fe4-b-76c58df74-l5lkg
x-cache
MISS, HIT, HIT, MISS
fastly-io-info
ifsz=56694 idim=750x563 ifmt=jpeg ofsz=56056 odim=750x563 ofmt=webp
fastly-stats
io=1
content-length
56056
x-served-by
cache-mdw17365-MDW, cache-mdw17323-MDW, cache-fra19161-FRA, cache-fra19161-FRA
server
nginx
x-timer
S1623409075.731893,VS0,VE2
date
Fri, 11 Jun 2021 10:57:54 GMT
vary
Accept, orig-host
content-type
image/webp
x-styx-req-id
9df05706-bf84-11eb-adaa-beb6446c35c3
expires
Sun, 29 May 2022 07:16:27 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
0, 1, 2108, 0
t600-Tracey%20Oliver.jpg
waldo.villagesoup.com/media/Common/21/C4/1426648/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://waldo.villagesoup.com/media/Common/21/C4/1426648/t600-Tracey%20Oliver.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.28.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-28-172.compute-1.amazonaws.com
Software
Apache/2.4.27 (Amazon) /
Resource Hash
ad8c82ef074bd8dfa268f1a2598229838aa03b0b2680ba3318d5a586f78276d3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:57:54 GMT
Last-Modified
Thu, 04 Jun 2015 12:59:15 GMT
Server
Apache/2.4.27 (Amazon)
ETag
"8bab-517b0be2e35f0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://api.nabcommerce.com
Expires
Sat, 11 Jun 2022 10:57:54 GMT
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
35755
X-XSS-Protection
0
X-UA-Compatible
IE=EmulateIE8
Acqui_Terme2015.jpg
www.fide.com/images/stories/NEWS_2015/FIDE_News/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fide.com/images/stories/NEWS_2015/FIDE_News/Acqui_Terme2015.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.241.218.178 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m1978.contaboserver.net
Software
nginx/1.17.3 /
Resource Hash
b4762c192ef2ae48da86d9314849578569b86b7e1d746b467eb1d8ab3fb37b9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:57:54 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 04 Sep 2019 12:52:57 GMT
Server
nginx/1.17.3
X-Frame-Options
SAMEORIGIN
ETag
"5d6fb3a9-6905"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26885
X-Content-Type-Options
nosniff
Three_Butterflies_PNG_Clipart_Picture.png
gallery.yopriceville.com/var/resizes/Free-Clipart-Pictures/Butterflies-PNG/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gallery.yopriceville.com/var/resizes/Free-Clipart-Pictures/Butterflies-PNG/Three_Butterflies_PNG_Clipart_Picture.png?m=1399672800
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.25.213.73 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
gallery.yopriceville.com
Software
nginx /
Resource Hash
b62b04186cfc9a4527dcb4b954ef606ddeecd4ebe39af962435f7b0d58cb68d0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:57:54 GMT
Last-Modified
Thu, 05 Oct 2017 02:55:05 GMT
Server
nginx
ETag
"4c2c28-1bc41-55ac3d9f254bd"
Content-Type
image/png
Cache-Control
max-age=2678400, no-cache, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
113729
Expires
Mon, 12 Jul 2021 10:57:54 GMT
unknown.png_2D00_940x0.png
communities.bentley.com//cfs-filesystemfile/__key/communityserver-components-imagefileviewer/filetypeimages_2E00_/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://communities.bentley.com//cfs-filesystemfile/__key/communityserver-components-imagefileviewer/filetypeimages_2E00_/unknown.png_2D00_940x0.png
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.181 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
219d99c3f8f6b7d984e154c643126f6c979ab2351c90c3470b71ce4c53b7ab9d

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
last-modified
Sat, 06 Apr 2019 12:53:12 GMT
x-cdn
Imperva
etag
636901519921866819
content-type
image/png
x-iinfo
14-61198920-0 0CNN RT(1623409074237 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=375703, public
content-length
4232
expires
Tue, 15 Jun 2021 19:19:37 GMT
59f9a26b9a7c9.png
trickbd.com/wp-content/uploads/2017/11/01/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trickbd.com/wp-content/uploads/2017/11/01/59f9a26b9a7c9.png
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.215.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1739472e19280b560fe6a57cb3e3844fc934b45c811ad336ce4382bc6be092f2

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
305693
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
117993
cf-request-id
0a9c51ba1c00004a620e145000000001
last-modified
Tue, 20 Feb 2018 08:12:17 GMT
server
cloudflare
etag
"5a8bd861-1cce9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jahzTTF8HOFk4OOtXsH7Kwa7xRHI%2FNByZYk4Ia1sAF%2FGmCHuxAcEuoOisZTQoF4sPGa%2BXvmvNconaamj5zfsFl9Z%2BGUi8taMkgm5XVepfdik1u6NmuzCw14%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65da523cfd664a62-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
570e8e62dd089569448b4627
i.insider.com/
Redirect Chain
  • https://static1.businessinsider.com/image/570e8e62dd089569448b4627-2666-2000/astronauts%20on%20iss.jpg
  • https://i.insider.com/570e8e62dd089569448b4627?width=2666
5 MB
5 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.insider.com/570e8e62dd089569448b4627?width=2666
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f1f3c8b41a2d891111ba7340c45b8105dfba7e83ffa9cb3d942859e6aa1cb57

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
via
1.1 varnish, 1.1 varnish
age
957344
x-cache
HIT, HIT
fastly-io-info
ifsz=8902722 idim=2666x2000 ifmt=png ofsz=5053036 odim=2666x2000 ofmt=webp
fastly-stats
io=1
content-length
5053036
x-amz-id-2
ymsaBROD3ANrVWzpL6u13WtxE86Cur28YLRQKr6Y216JSKG687LGb79oQvg3Pf1moZ638sK+IS4=
x-served-by
cache-bwi5121-BWI, cache-hhn4052-HHN
server
AmazonS3
x-timer
S1623409075.763800,VS0,VE5
etag
"YGc/mEWsTQiWd3AMxpSDZbYk7V5CN4mLgTb6YJE0r70"
vary
Accept
x-amz-request-id
67MNF05FX9BA9B0Y
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 1

Redirect headers

date
Fri, 11 Jun 2021 10:57:54 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623409075.692534,VS0,VE0
x-served-by
cache-muc13948-MUC
x-cache
HIT
location
https://i.insider.com/570e8e62dd089569448b4627?width=2666
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
KristieSueEllenDegenhardt.jpg
3.bp.blogspot.com/-AdGTnCmh1uo/Wyvg9rxbkKI/AAAAAAAAPYg/UVBOqgTKAB4a5tWDoyvsQqo-i-lwxKfTgCLcBGAs/s200/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-AdGTnCmh1uo/Wyvg9rxbkKI/AAAAAAAAPYg/UVBOqgTKAB4a5tWDoyvsQqo-i-lwxKfTgCLcBGAs/s200/KristieSueEllenDegenhardt.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
105a0004314e788edc714f885e01fd9cc486591a1d86eda2a261e20d58b05708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:46:13 GMT
x-content-type-options
nosniff
age
11501
content-disposition
inline;filename="KristieSueEllenDegenhardt.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8665
x-xss-protection
0
server
fife
etag
"v3d89"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 09 Jun 2021 23:25:46 GMT
OrCad-errors.jpg
community.cadence.com/resized-image/__size/940x0/__key/communityserver-discussions-components-files/27/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.cadence.com/resized-image/__size/940x0/__key/communityserver-discussions-components-files/27/OrCad-errors.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:7fc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e06a514cbfd96db7eee9417490caa846dd98631e2bfba78a832bb031072e4ece
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.cadence.com *.force.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-powered-by
ASP.NET
content-disposition
inline; filename*=UTF-8''OrCad%20errors.jpg-940x0.jpg
content-length
65556
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
x-telligent-evolution
10.x
last-modified
Fri, 13 Nov 2015 18:31:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
private
content-security-policy
frame-ancestors 'self' *.cadence.com *.force.com;
cf-request-id
0a9c51bac10000c2f479b1f000000001
accept-ranges
bytes
cf-ray
65da523dfde0c2f4-FRA
expires
Fri, 18 Jun 2021 10:57:54 GMT
0.jpg
img.youtube.com/vi/9jQeF94aqZs/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/9jQeF94aqZs/0.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6e72b54f2b4819f3e8506b0647272f27a07f46bfac024f18c9798c94762b2ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 09:27:17 GMT
x-content-type-options
nosniff
server
sffe
age
5437
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18037
x-xss-protection
0
expires
Fri, 11 Jun 2021 11:27:17 GMT
Alone%2Bgirl%2Bquotes.jpg
4.bp.blogspot.com/-ocVbKsdbogg/Vxs-gO8966I/AAAAAAAADIc/-Ewc7Gin740abAL6FbCZ9LV8qAtBEj6jQCLcB/s400/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-ocVbKsdbogg/Vxs-gO8966I/AAAAAAAADIc/-Ewc7Gin740abAL6FbCZ9LV8qAtBEj6jQCLcB/s400/Alone%2Bgirl%2Bquotes.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
28a3b77133c269f800659b8d2ce681d6fd20bbb3f028eaed3d2ada04293dc0e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:11:01 GMT
x-content-type-options
nosniff
age
2813
content-disposition
inline;filename="Alone girl quotes.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25545
x-xss-protection
0
server
fife
etag
"vc88"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 09 Jun 2021 13:43:52 GMT
psg-ucl-19-20-font.jpg
u.footballfonts.com/img/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.footballfonts.com/img/psg-ucl-19-20-font.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.229.73.122 , Indonesia, ASN55660 (MWN-AS-ID PT Master Web Network, ID),
Reverse DNS
Software
Apache /
Resource Hash
4e55511c8496c1fddc71c2aec524f85b34a54ed328b52b45dfcdbbf4bb6466e7

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:57:55 GMT
Last-Modified
Wed, 18 Sep 2019 21:20:15 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3
Content-Length
73122
noggin-app-show-selection-menu-screen-nickelodeon-preschool-nick-jr-usa-moose-a-moose-and-zee-miffy-and-friends-blues-clues-blue-the-backyardigans.jpg
4.bp.blogspot.com/-Lc7q8E1tN74/WBpXw7SiGdI/AAAAAAAAqss/f-5jljLUdyM3FP8lHogHSZqLG8kScVSegCLcB/s400/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-Lc7q8E1tN74/WBpXw7SiGdI/AAAAAAAAqss/f-5jljLUdyM3FP8lHogHSZqLG8kScVSegCLcB/s400/noggin-app-show-selection-menu-screen-nickelodeon-preschool-nick-jr-usa-moose-a-moose-and-zee-miffy-and-friends-blues-clues-blue-the-backyardigans.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4de9dc17b589d0841ec10e0e0c08f0c126f18dced6e69236e13c4974f6e4d533
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:33:58 GMT
x-content-type-options
nosniff
age
12236
content-disposition
inline;filename="noggin-app-show-selection-menu-screen-nickelodeon-preschool-nick-jr-usa-moose-a-moose-and-zee-miffy-and-friends-blues-clues-blue-the-backyardigans.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46644
x-xss-protection
0
server
fife
etag
"vaacd"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 10 Jun 2021 07:11:24 GMT
Conversation-with-US-surgeon-general.jpg
directorsblog.nih.gov/wp-content/uploads/2021/06/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://directorsblog.nih.gov/wp-content/uploads/2021/06/Conversation-with-US-surgeon-general.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.197 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
887d32d4e81d423e712c52452f7b0de97f852c5d78c54fda33b2333013646252
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
x-ac
2.hhn _atomic_ams
last-modified
Wed, 02 Jun 2021 17:13:03 GMT
server
nginx
etag
"60b7bc1f-11026"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
69670
expires
Fri, 18 Jun 2021 10:57:54 GMT
629583.jpg
files.ozbargain.com.au/n/83/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.ozbargain.com.au/n/83/629583.jpg?h=252efa0c
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.8.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454afd54dcccd555fc2c5b416ceb7181d920f79a4516df3789b0e868a2230913

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
cf-cache-status
HIT
age
99651
cf-ray
65da523d2b330830-CDG
cf-bgj
h2pri
content-length
3228
x-amz-id-2
FNX1sMgAI8wzWnIKVf+xbQxib2A+EwbweOu4cLrNN/WJCq+ug8dUNvCi7zmf8iG40a8A2nKuQ2A=
last-modified
Thu, 10 Jun 2021 07:13:01 GMT
server
cloudflare
etag
"9ef7991bcdf64a83302320d6f1ea0cb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
PYVH8AMKY4TV8WG4
cache-control
max-age=315360000
cf-request-id
0a9c51ba3a0000083042321000000001
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
60bf44e9270000b81e1ffbed.jpeg
img.huffingtonpost.com/asset/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.huffingtonpost.com/asset/60bf44e9270000b81e1ffbed.jpeg?cache=ZDl0bYX5ay&ops=crop_23_103_5301_3311%2Cscalefit_630_noupscale
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2800:233:23c9:90c:111f:15f5:25b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F20) /
Resource Hash
2c28f58d97a0b840502b1cbeaf7572a6f54e67abe44fedaa1d7233c1d5dbec5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
x-content-type-options
nosniff
age
156032
x-dns-prefetch-control
off
x-cache
HIT
content-length
24084
x-xss-protection
1; mode=block
last-modified
Wed, 09 Jun 2021 15:38:00 GMT
server
ECAcc (frc/8F20)
x-frame-options
SAMEORIGIN
etag
W/"5e14-i3O1ldLVm1iGyGBjsDK+Rl+AzqQ"
x-download-options
noopen
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
09062187_8a8137_57148bf089fd4543810f73f44bd91716_mv2.jpg
audiolove.me/uploads/posts/2021-06/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://audiolove.me/uploads/posts/2021-06/09062187_8a8137_57148bf089fd4543810f73f44bd91716_mv2.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.45.86.41 Meppel, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
mail.audiolove.club
Software
nginx /
Resource Hash
75f6903769510c169929a722b6f1fd01cb6871f61b57c0d832a93c86ad45d7ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
last-modified
Wed, 09 Jun 2021 13:14:04 GMT
server
nginx
etag
"60c0be9c-11a5b"
strict-transport-security
max-age=31536000;
content-type
image/jpeg
accept-ranges
bytes
content-length
72283
botw2take3.png
www.gameinformer.com/sites/default/files/styles/body_default/public/2021/06/09/a76f7f8b/ 		347 KB
348 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gameinformer.com/sites/default/files/styles/body_default/public/2021/06/09/a76f7f8b/botw2take3.png
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8f50f32f4bfbffac18d03ff2cb705dfb0c359f238e9ad599a4ce32c4dcf00f79

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
via
1.1 varnish, 1.1 varnish
age
156830
x-cache
HIT, HIT
x-cache-hits
1, 2
content-length
355775
x-served-by
cache-mdw17348-MDW, cache-fra19148-FRA
last-modified
Wed, 09 Jun 2021 15:23:07 GMT
server
nginx
x-timer
S1623409075.834575,VS0,VE0
etag
"60c0dcdb-56dbf"
content-type
image/png
x-styx-req-id
ba072010-c936-11eb-85c2-d2b9b30b8f04
expires
Fri, 10 Jun 2022 15:24:05 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-pantheon-styx-hostname
styx-fe2-b-d65d59d6b-zdbfl
img_767506.png
origin2.cdn.componentsource.com/sites/default/files/styles/image_medium/public/images/feature_release/2021/06/09/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin2.cdn.componentsource.com/sites/default/files/styles/image_medium/public/images/feature_release/2021/06/09/img_767506.png?itok=iOqfeyHw
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:19e::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f19425ffff8a0b8ca4cb14be30b3e3f1bd3dd56ba2d7899c66ec72ad0629b9c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 10:36:21 GMT
server
nginx
content-type
image/png
x-ah-environment
prod
cache-control
max-age=1057391
x-cache-hits
11
x-age
16349
accept-ranges
bytes
content-length
28119
x-request-id
v-49ccf73e-c91b-11eb-9561-57ece014f399
expires
Wed, 23 Jun 2021 16:41:06 GMT
0607W-3603-1540x800.jpg
www.farmprogress.com/sites/farmprogress.com/files/styles/hp_top_stories_main_standard/public/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farmprogress.com/sites/farmprogress.com/files/styles/hp_top_stories_main_standard/public/0607W-3603-1540x800.jpg?itok=uAMx8k-6
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d2ba1c4a3e6529e8500187ad103f8b798bfdab458a78f7e220d394d483b13cf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-length
61948
cf-request-id
0a9c51ba9200004e441c14d000000001
last-modified
Wed, 09 Jun 2021 07:58:15 GMT
server
cloudflare
etag
"f1fc-5c450a30dfd00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4FQO3Maw3N6fcF9ko6OO%2B0RCqrCfGlmmCILa3ZDmnbaDNGKC9ce%2BjLJEsHE2nw%2FkyGJk7C%2FrMb0RGfqrgeU6qeltkK2w0nHExmD2v8FkHrZ1O3mf8hKgzMTs7Gw1ZhC5Tx%2BA8oXOtZ5JPpEfcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
65da523dbc0e4e44-FRA
expires
Fri, 25 Jun 2021 10:57:55 GMT
the_witch_queen.jpg
www.gameinformer.com/sites/default/files/styles/body_default/public/2021/06/08/2044ae4d/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gameinformer.com/sites/default/files/styles/body_default/public/2021/06/08/2044ae4d/the_witch_queen.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
008d3a58eb3ec3580224d176beb685cd9a752bd8df9d9a3373a2638ce88d77a9

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
via
1.1 varnish, 1.1 varnish
age
160578
x-cache
HIT, HIT
x-cache-hits
1, 4
content-length
49584
x-served-by
cache-mdw17381-MDW, cache-fra19148-FRA
last-modified
Tue, 08 Jun 2021 11:44:25 GMT
server
nginx
x-timer
S1623409075.892656,VS0,VE0
etag
"60bf5819-c1b0"
content-type
image/jpeg
x-styx-req-id
ffe0ec7d-c92d-11eb-85c2-d2b9b30b8f04
expires
Fri, 10 Jun 2022 14:21:36 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-pantheon-styx-hostname
styx-fe2-b-d65d59d6b-zdbfl
pastedimage1623145109620v1.png
community.dynamics.com//resized-image/__size/320x240/__key/communityserver-discussions-components-files/117/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.dynamics.com//resized-image/__size/320x240/__key/communityserver-discussions-components-files/117/pastedimage1623145109620v1.png
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.181 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
de7675d8eef54778b9fde2592387967cb40d1c278f44fbb2fa3143b97fbb1433
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
x-content-type-options
nosniff, nosniff
x-cdn
Imperva
x-iinfo
5-18674829-18674830 NNNN CT(88 181 0) RT(1623409074046 0) q(0 0 3 -1) r(5 6) U2
content-disposition
inline; filename*=UTF-8''pastedimage1623145109620v1.png-320x240.png
content-length
18413
x-xss-protection
1; mode=block, 1; mode=block
x-ua-compatible
IE=Edge
x-telligent-evolution
10.x
last-modified
Tue, 08 Jun 2021 09:52:57 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
private
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
expires
Fri, 18 Jun 2021 10:57:55 GMT
pakistan-train-accident-2.jpg
i1.wp.com/images.tv9hindi.com/uploads/2021/06/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/images.tv9hindi.com/uploads/2021/06/pakistan-train-accident-2.jpg?resize=750%2C422&ssl=1
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
ad50c66102938100e3ef9220b685e90ce2b4fde96658077eac2023634681bbf7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 11 Jun 2021 10:57:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 07 Jun 2021 10:00:30 GMT
server
nginx
etag
"958b5dcc82d8da27"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.tv9hindi.com/uploads/2021/06/pakistan-train-accident-2.jpg>; rel="canonical"
content-length
24262
expires
Wed, 07 Jun 2023 22:00:30 GMT
rssing.com.1148396.js
jsc.adskeeper.com/r/s/ 		276 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/r/s/rssing.com.1148396.js
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8150655ef735408cc5b1b232ba13fb1d5fac6c4b9780a80d15642e02b4ecc4a9

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1192
cf-ray
65da523eae833329-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
76388
x-amz-id-2
nhM+xgT5XMA0XwcEEyx1WkkaTxcT8z2Vs9WgP6X+R2ECWFj9vbwqXvyQpwutgJZGXbXSF8i0GWU=
last-modified
Thu, 10 Jun 2021 10:44:02 GMT
server
cloudflare
etag
"f0d620cdbfdcf3555564fc0e0a82c92e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
MHE9FJEZ9EKV65CZ
cache-control
public, max-age=14400
cf-request-id
0a9c51bb240000332955036000000001
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 11 Jun 2021 14:57:54 GMT
all.js
www.rssing.com/inc2/js/ 		321 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rssing.com/inc2/js/all.js?id=81
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22b7a660c8bcc68bf3360105707fd5bacc9f44d1a4ab7a9bde633eb33db728da
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
43967
content-security-policy-report-only
access-control-allow-methods
*
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51b9e100004e374904a000000001
last-modified
Thu, 10 Jun 2021 22:44:35 GMT
server
cloudflare
etag
W/"502ac-5c47122a33f61-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5W7QB0u9yoV7T6cppQi9pziyTciDyvL6QrQPP8dyIwuTEas1d%2BixJhKJvSavzQuDUpgJ%2FdVOSiLniccYMawID52PVzg%2FlNaN93nOC7LJ7FfQRSai4Dv9S1m6dC2APSsgDkxgzXG1Suo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme,Accept-Encoding
cache-control
max-age=2592000
content-security-policy
block-all-mixed-content
cf-ray
65da523c9ffb4e37-FRA
access-control-allow-headers
*
expires
Sat, 10 Jul 2021 22:45:07 GMT
rpcg.js
www.rssing.com/ 		598 B
962 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rssing.com/rpcg.js?ct=1&r=164871003
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.21
Resource Hash
f84fb53333e100ebc1882efd548d38670bfe60947b4285ae3025e03ea64239d6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.21
content-security-policy-report-only
access-control-allow-methods
*
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51b9e400004e374904b000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mV5JIIXXvY%2BGaGF3t8un2E1YsE0gqdV7eKSCZ4vZJ9GNb9FYqIKpB%2BsljNSVPyBAm3Pczyj%2BmsuDYbFuVJmMWV0NIvhL8%2FX7yeFla%2F1sGQwCujIyf1sMpLZ%2FfqYE5BPMQIptQQOgcjE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme,Accept-Encoding
cache-control
max-age=2592000
content-security-policy
block-all-mixed-content
cf-ray
65da523c98004e37-FRA
access-control-allow-headers
*
expires
Sun, 11 Jul 2021 10:57:54 GMT
rules-p-KygWsHah2_7Qa.js
rules.quantcount.com/ 		3 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-KygWsHah2_7Qa.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:6600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 19:07:39 GMT
via
1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)
age
57016
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:28:45 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
x-amz-cf-id
apxEvb68lNhfJg5r2HJ1JF_0AyI79hLNWiEWGTGCSBbKTpU7pq3f6g==
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shavlik40.rssing.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 06:16:42 GMT
x-content-type-options
nosniff
age
276072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 06:16:42 GMT
pubads_impl_2021060901.js
securepubads.g.doubleclick.net/gpt/ 		326 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 08:43:05 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116890
x-xss-protection
0
expires
Fri, 11 Jun 2021 10:57:54 GMT
CookieAccessV2
apis.quantcast.mgr.consensu.org/ 		21 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.quantcast.mgr.consensu.org/CookieAccessV2
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=rssing.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.13.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-13-188.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e51b8a213ba36235303df692d1653b7a152c5d692709ac360f51bad15e44ac98

Request headers

Accept
application/json, text/plain, */*
Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
server
awselb/2.0
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
https://shavlik40.rssing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
21
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17602094-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3434
date
Fri, 11 Jun 2021 10:00:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 11 Jun 2021 12:00:41 GMT
Tag.engine
engine.4dsply.com/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engine.4dsply.com/Tag.engine?time=-120&id=e09c99be-cd96-4474-96cf-c961092fabe6&rand=77870&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=60&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&kw=
Requested by
Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=e09c99be-cd96-4474-96cf-c961092fabe6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a56922e26bffe707e55a54e95ed17d14c972e60d41d5f0a1f0b844135c951793

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
65da523eef61c2ea-FRA
date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-adscore-status
null
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
cache-control
private, no-transform
content-type
application/json; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51bb4f0000c2eaf23ea000000001
/
services.vlitag.com/uv/ 		13 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&mtk=1368
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=0f8e9718699fbe484d62023a1d28b989
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13
cf-request-id
0a9c51ba89000005fddb07f000000001
pragma
no-cache
last-modified
Fri, 11 Jun 2021 10:57:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VhM1%2BbU0teImv6frlwZwbbWzccLSr2Gl7gWjw9TZPQVY%2ByUj%2FjXpxYFZjwuiTKN9Utt9JGGXLeVXYKvqcG9z8bI3nksxYeqK0%2F6O%2F4fMlYgTO7LbP%2BeFo%2BKovWhFs%2F0pfXjEtFTi91mAcZL1"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://shavlik40.rssing.com
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
65da523daf7105fd-FRA
expires
on, 01 Jan 1970 00:00:00 GMT
0f8e9718699fbe484d62023a1d28b989.js
tag.vlitag.com/v1/1623404854/ 		486 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/v1/1623404854/0f8e9718699fbe484d62023a1d28b989.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=0f8e9718699fbe484d62023a1d28b989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e913a9ae4e4243ba99dfd78bff7e1af7729fbb4cb1c192fffcb3c06b39a3721f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4213
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51bb5900003248011b3000000001
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KPg2vGVih2EC68pPYFykf3VGr1dZU6iosg43nJpsdrRq8NsaBfJynhMnCfdv5rzPn%2FAIt9SRaWkVWkj2BWUkFJXHiP751FGb6q8yubEVfoFSk5SSc4xI%2B7k6yhK94OlLIqhpffI5XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000, immutable
cf-ray
65da523efd733248-FRA
/
services.vlitag.com/uv/ 		13 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&mtk=1368
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=0f8e9718699fbe484d62023a1d28b989
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:54 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13
cf-request-id
0a9c51ba89000005fdd8b15000000001
pragma
no-cache
last-modified
Fri, 11 Jun 2021 10:57:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=W8OMWEygw2HGzqNgp5lC31DPjrmJJEP%2FpglYzGU37LOEvG1qba%2BOHaFPj23B9%2Ff2gyFjm9HhrkTLQqa06G6L7%2Fzpqk7c37NtTG7%2BbGZ9Q8fJ8CKOZpoP35KTgFC1kqugbGHerxPYAInnQdN5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://shavlik40.rssing.com
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
65da523daf7005fd-FRA
expires
on, 01 Jan 1970 00:00:00 GMT
/
c.adskeeper.com/pv/ 		0
333 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.com/pv/?pv=5&cbuster=1623409075088566796837&uniqId=016ad&consentData=&gdprApplies=true&uspString=&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&lu=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&pageView=1&pvid=179fab8a3908fe23742&site=515146&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/s/rssing.com.1148396.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65da523f6fe73329-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51bba400003329a1048000000001
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
br
cf-cache-status
HIT
age
2822
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
TDFPK96NXRT58XZ2
x-amz-id-2
wTo3X/MdxfmF73uhKCe6wR8X+ODEzfsnVtAfm+WhdxF2jei+cvIsb6mLldSiP66koaRPX+KiyDw=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-request-id
0a9c51bbdc0000ee27e61b8000000001
cf-ray
65da523fc9d9ee27-CDG
expires
Fri, 11 Jun 2021 14:57:55 GMT
truncated
/ 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
1
servicer.adskeeper.com/1148396/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.com/1148396/1?pv=5&cbuster=1623409075192752559434&uniqId=016ad&consentData=&gdprApplies=true&uspString=&niet=4g&nisd=false&w=1024&h=27350&cols=1&ref=&cxurl=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&lu=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&pageView=1&pvid=179fab8a3908fe23742&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/s/rssing.com.1148396.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a9811049d63ea8e39cadc8482ddc8ff14b687c86d13de5c426a0302b4e698b9

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65da5240090c3329-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51bc020000332955833000000001
micro.tag.min.js
dishesha.net/pfe/current/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dishesha.net/pfe/current/micro.tag.min.js?z=4270157&sw=/sw-check-permissions-ab8e4.js
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.200 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0b5b28e6ae35f80268f88464e3a380338becd3d9d0cf0c9b3807a9ceb9cc89f1

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:57:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 14:39:54 GMT
Server
nginx
ETag
W/"60c2243a-133cd"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
req1234.php
a.rssing.com/ 		44 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.09000844675295316&i=21784001&r=2117&h=1971336650&u=%2F%2Fcommunity.shavlik.com%2F%2Fbeacon%3Ft%3D1547834097374&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BbC%2FUZtCgmujIdi9jGoNxaKzz%2B4Ltw1Op6pUb763iyYVsnAQXMe6VGPfkvTHWpgpcIIs11Gt1lzswcY3mCDMMmph9cjXBO2urILlnwt3%2F0cpX3YexPNa4VHtBmyoJEsvQ1UzSLzo"}],"group":"cf-nel","max_age":604800}
cf-ray
65da52400f9a4e56-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51bc0900004e568835e000000001
req1234.php
a.rssing.com/ 		44 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.44707162951514734&i=21784001&r=2118&h=691294124&u=%2F%2Fcommunity.shavlik.com%2Fservlet%2FJiveServlet%2FdownloadImage%2F102-23049-20-1290%2F620-156%2FMissing%2BInstall%2BPatch.png&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FppzsgO8uPKiU%2F1okptT67Ac7KOLQtJ1YPqB4ALJvXvLfUsEmSAqfZdaSrv4TPp39dflGCjYY%2BohGM2bIuyMyDqvWNUpDqV7f7UssmOxtzK1NDnqR%2FAk4Bi2h1VamvnQWC6hRxig"}],"group":"cf-nel","max_age":604800}
cf-ray
65da52400f934e56-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51bc0900004e56dea48000000001
req1234.php
a.rssing.com/ 		44 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.6909795802161609&i=21784001&r=2123&h=1448340188&u=%2F%2Fcommunity.shavlik.com%2Fservlet%2FJiveServlet%2FdownloadImage%2F102-23376-20-2201%2F620-462%2FCustom%2Bpatch%2Beditor.PNG&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jXmC36EXhoNT2cYiry7xZuwBhp1Y2R3JOa2OIANmpeCa26ijqg2%2FMsChxqE6uE%2Fy0bNCoZNJyrLXbJnpKMRALNIDGEj92V9JeJ%2Fee55c14tREKm3uV2X8uSfp%2BlyZTQvhGpACJm4"}],"group":"cf-nel","max_age":604800}
cf-ray
65da52400f9c4e56-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51bc0900004e565f1d2000000001
req1234.php
a.rssing.com/ 		44 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.030993315143945432&i=21784001&r=2125&h=960180239&u=%2F%2Fcommunity.shavlik.com%2F%2Fbeacon%3Ft%3D1547847439556&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vyAGJCmIIgd75e4EuTxObTW1xjrHgXnB3Tbb5%2Fc63A37DGUAiPfEswb1ngOmHN9xkEEPs77j4AdfHqzdNWw75tFnKFKlmcjktNYZlJBEZuStjR9buwGUcfBQDlhIW8LgIfPRRUw6"}],"group":"cf-nel","max_age":604800}
cf-ray
65da52400f9b4e56-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51bc0900004e568e356000000001
request.php
www.rssing.com/ 		29 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rssing.com/request.php?req=gr&qs=aa2caa21784001c16c0bbca0bbca3caa21784001c16c0bbca3bbca4caa21784001c0c2117bbca1c2bbca5caa21784001c0c2118bbca1c2bbca6caa21784001c0c2119bbca1c2bbca7caa21784001c0c2120bbca1c2bbca8caa21784001c0c2121bbca1c2bbca9caa21784001c0c2122bbca1c2bbca10caa21784001c0c2123bbca1c2bbca11caa21784001c0c2124bbca1c2bbca12caa21784001c0c2125bbca1c2bbca13caa21784001c0c2126bbca1c2bbb&url=%2Fchan-21784001%2Findex-latest.php&pi=%5B12%2C21784001%2C0%2C0%2C0%2C1%2C10%2C10%5D&dd=1600x1200
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.21
Resource Hash
7f753e124425603d0eaca121c8341061705be9e98cbfa2073ae5421faeb56417
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.21
content-security-policy-report-only
access-control-allow-methods
*
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51bbff00004dfa12202000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8qzYXk%2BrTl0p%2FB7j%2FGzDpuhOdJBcEZgF5604Xj%2FO%2FU7uIm1iIlnBAidyE0yXQ6EgCQGQTNluWGvGWLFb6hicwxXXo%2F7oBKKREq3vjl1qaqxKS5AAk5slh3lHEgM6bhWOiUve3n4l%2BKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme,Accept-Encoding
cache-control
max-age=0
content-security-policy
block-all-mixed-content
cf-ray
65da523ffd544dfa-FRA
access-control-allow-headers
*
expires
Fri, 11 Jun 2021 10:57:55 GMT
star_empty.png
www.rssing.com/inc2/img/ 		856 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rssing.com/inc2/img/star_empty.png
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d684faa13c4b9d92bb521f94889068500d7d0821c20328dcaefb0a47d6dfb8e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
access-control-allow-methods
*
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2547779
content-security-policy-report-only
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
856
cf-request-id
0a9c51bc0000004e3752b30000000001
last-modified
Thu, 23 Apr 2020 16:42:30 GMT
server
cloudflare
etag
"358-5a3f7ef43c980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Asdd5CFp6wTzRhAeOj0v6uMiwVZJYCg2g1qVPJe305l2AR5Hp4xKPim%2BQTVIdEfZ6YBtz%2BVrPjBIhjqaeHbaKByeJEquaQK5CCQlCtn3mBZ9UqUIWbnaz%2BHpEBbhY5FLmT8ZMcNGxHo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme, Accept-Encoding
cache-control
max-age=2592000
content-security-policy
block-all-mixed-content
accept-ranges
bytes
cf-ray
65da523ffff84e37-FRA
access-control-allow-headers
*
expires
Fri, 11 Jun 2021 23:14:56 GMT
star_half.png
www.rssing.com/inc2/img/ 		871 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rssing.com/inc2/img/star_half.png
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a90a3ecb7e28ac78bc33543cb1e12aa10734aef5c847106fdb3e9f278d5bb00
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
access-control-allow-methods
*
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2547779
content-security-policy-report-only
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
871
cf-request-id
0a9c51bc0000004e37df9e1000000001
last-modified
Thu, 23 Apr 2020 16:42:30 GMT
server
cloudflare
etag
"367-5a3f7ef43c980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BiNjDzd454thxz6AZB0PxEJ4crsyVore1UX6kH0mKdDVIomtVQpxHBuut0pd0j%2BcTUGZ7GFs7PkpKahwvtY%2BRxTzRmXcm9xD8U%2B5D%2Fx7Dg%2BQbe5y6zefHuz2DveQzwl%2BatOiVDnmqEM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme, Accept-Encoding
cache-control
max-age=2592000
content-security-policy
block-all-mixed-content
accept-ranges
bytes
cf-ray
65da523ffffd4e37-FRA
access-control-allow-headers
*
expires
Fri, 11 Jun 2021 23:14:56 GMT
redirect.aspx
community.shavlik.com/
Redirect Chain
  • https://community.shavlik.com//beacon?t=1547834097374
  • https://community.shavlik.com/redirect.aspx?url=https://forums.ivanti.com
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com/redirect.aspx?url=https://forums.ivanti.com
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
Date
Fri, 11 Jun 2021 10:57:15 GMT
X-Frame-Options
DENY
Content-Type
text/html; charset=utf-8
Location
/redirect.aspx?url=https://forums.ivanti.com
Cache-Control
private
Content-Security-Policy
default-src 'none'; script-src 'self'; img-src 'self'; style-src 'self'
Content-Length
173
X-XSS-Protection
1; mode=block
Missing+Install+Patch.png
community.shavlik.com/servlet/JiveServlet/downloadImage/102-23049-20-1290/620-156/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23049-20-1290/620-156/Missing+Install+Patch.png
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Custom+patch+editor.PNG
community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2201/620-462/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2201/620-462/Custom+patch+editor.PNG
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
beacon
community.shavlik.com// 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com//beacon?t=1547847439556
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Fri, 11 Jun 2021 10:57:55 GMT
x-host
s7.addthis.com
content-length
116325
joanna-krupa-foto-su-fhm-05-150x150.jpg
www.notiziepertutti.com/wp-content/uploads/2011/10/ 		81 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notiziepertutti.com/wp-content/uploads/2011/10/joanna-krupa-foto-su-fhm-05-150x150.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2417070d2bf6f9b3fcfa9c4b2c602d4b76067f53134dfcfd1d2a14af0655f81

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51bc7600004e13fab7a000000001
server
cloudflare
etag
"5fa23ea9f65e3a772b747fa0e6234308"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wKdUh21xU5yT7mZ92glrA9qp8%2FJ%2F8OsZogtdNqbe7d7xB1Eyl3hbFqJ1bIz6ebSUHddh1SeGkpz5l%2B%2F1QhIM9TjLc9HElFOQBKxTjlPosAXpzq6Lf2Zljbqw2I%2B2LSTMlMp2blL2BZmCN8wh%2BiKR8XY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-httpd
1
cache-control
public, max-age=2592000
cf-ray
65da5240bdef4e13-FRA
x-proxy-cache
HIT
DSC08012.JPG
image.itdonga.com/files/2019/06/18/ 		0
0
vlcsnap-2019-09-01-00h21m45s857-1024x576.png
blog.resistance.lt/wp-content/uploads/2019/09/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.resistance.lt/wp-content/uploads/2019/09/vlcsnap-2019-09-01-00h21m45s857-1024x576.png
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.119.160.30 , United States, ASN61272 (IST-AS, LT),
Reverse DNS
Software
Apache /
Resource Hash
1f7e07044bfddbd2c44ef39fd9c685a7477cd89f3740466173a231841dcfa85e

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
last-modified
Sat, 31 Aug 2019 21:34:22 GMT
server
Apache
accept-ranges
bytes
content-length
19897
content-type
image/png
photo-74213226.jpg
tamil.samayam.com/photo/74213226/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tamil.samayam.com/photo/74213226/photo-74213226.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:120:39a::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
44696e0daa7b3fd65adaa7243250bfaddc9211978663a6b97e126f11636db8cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.indiatimes.com https://*.samayam.com https://maharashtratimes.com https://vijaykarnataka.com https://m.timesofindia.com https://m.economictimes.com https://www.iamgujarat.com https://www.google.com https://*.google.com https://cdn.ampproject.org https://*.cdn.ampproject.org https://*.ampproject.org http://*.newspointapp.com https://*.newspointapp.com
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
x-content-type-options
nosniff
imagemagick_im4java
1
appgn
17229649401231623409075718
content-length
57329
x-xss-protection
1; mode=block
server
nginx
x-frame-options
SAMEORIGIN
date
Fri, 11 Jun 2021 10:57:55 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
public, must-revalidate, max-age=31535957
access-control-allow-credentials
false
etag
156775
content-security-policy
frame-ancestors 'self' https://*.indiatimes.com https://*.samayam.com https://maharashtratimes.com https://vijaykarnataka.com https://m.timesofindia.com https://m.economictimes.com https://www.iamgujarat.com https://www.google.com https://*.google.com https://cdn.ampproject.org https://*.cdn.ampproject.org https://*.ampproject.org http://*.newspointapp.com https://*.newspointapp.com
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept
expires
Sat, 11 Jun 2022 10:57:12 GMT
Las%2Brosas%2Bde%2Blas%2Bespinas.jpg
1.bp.blogspot.com/-2BVCffo7LWU/YGGbzUzgAbI/AAAAAAAAOBs/wXb55U5euT4oNt_WomaQgyje7b_sFIl7wCLcBGAsYHQ/w400-h400/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-2BVCffo7LWU/YGGbzUzgAbI/AAAAAAAAOBs/wXb55U5euT4oNt_WomaQgyje7b_sFIl7wCLcBGAsYHQ/w400-h400/Las%2Brosas%2Bde%2Blas%2Bespinas.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a9856cea465ca37fec74b8b06eea04627ecc8f155ac0957126c45d56bcf3e1dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
x-content-type-options
nosniff
server
fife
etag
"v381c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Las rosas de las espinas.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67308
x-xss-protection
0
expires
Sat, 12 Jun 2021 10:57:55 GMT
da37592b497061ee62b1b603369a0e4a.jpg
image.yes24.com/images/chyes24/d/a/3/7/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.yes24.com/images/chyes24/d/a/3/7/da37592b497061ee62b1b603369a0e4a.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.115.109.71 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d6e49595fa1bc368386b2c17457d49616b5304a9045ea1f96590ab113f1efba4

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:57 GMT
last-modified
Mon, 20 Jan 2014 01:32:34 GMT
server
Microsoft-IIS/10.0
age
0
x-powered-by
ASP.NET
etag
"0253d7e7f15cf1:0"
content-type
image/jpeg
cache-control
max-age=2629800
x-cache-result
TCP_CLIENT_REFRESH_MISS
accept-ranges
bytes
content-length
7018
33393308606_10ff6bdf48_c.jpg
c2.staticflickr.com/4/3809/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c2.staticflickr.com/4/3809/33393308606_10ff6bdf48_c.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:3800:0:5a51:64c9:c681 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jubilee /
Resource Hash
a6ef39dd5a19e4fefa492f5f3ab6eea5f4b1b70ddd7052f57e37588c3ae857f8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
via
1.1 9a66d849010281b3877fd5f66dbb4720.cloudfront.net (CloudFront)
mib
2
x-ttfb
0.1381
surrogate-control
public, max-age=31536000
ourvalues
Grow Together (#1 of 5)
x-cache
Miss from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
streaming
false
edge-control
public, max-age=31536000
last-modified
Fri, 12 Apr 2019 20:40:52 GMT
imageheight
574
powered-by
Mutation/1.0
imagewidth
800
x-ttdb-l
108389
x-request-id
883bc4ba
x-ua-compatible
IE=edge
x-env
a=live, b=jubilee, c=77f4af62, e=5017319cdd8b6f0e8ca83f5d61e011f0dc7d4baa
server
Jubilee
etag
"6be34e315680a90ea7b40fcfe0a10054.1"
x-frame-options
DENY
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-pop
VIE50-C2
hiring
Change the world of photography with us. https://www.flickr.com/jobs/
origintype
X
x-amz-cf-id
WGmjrJXsIQMtr3rkGyPPpf289TwrfVCBckqqViTceOoLgQRzMuXb6A==
quote
"I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
expires
Sat, 11 Jun 2022 10:57:56 GMT
ciastoserce3-320x212.jpg
panismaczna.com/wp-content/uploads/2014/12/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://panismaczna.com/wp-content/uploads/2014/12/ciastoserce3-320x212.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.98.239.3 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
83a2ec58ce3a538830517bb4ff957b94ab637f1ad6b7746e73eafb18e4e9f190

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
last-modified
Wed, 03 Dec 2014 13:56:19 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=900
accept-ranges
bytes
content-length
17756
expires
Fri, 11 Jun 2021 11:12:55 GMT
o0480036013428293981.jpg
stat.ameba.jp/user_images/20150918/15/nakagawa-shoko/be/0c/j/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.ameba.jp/user_images/20150918/15/nakagawa-shoko/be/0c/j/o0480036013428293981.jpg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-187.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
150cd3d3e2b3dc29de7678ba236fea98563d0a8252dad57cd9a9018db2d8a541

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:56 GMT
x-check-cacheable
YES
x-serial
275
etag
"c5460d566fa640778c786cd1aab666b2"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
immutable, max-age=17280000
last-modified
Sun, 16 May 2021 14:17:04 GMT
content-length
67522
server
Akamai Image Manager
expires
Thu, 02 Dec 2021 14:16:21 GMT
ui-bg_glass_75_e6e6e6_1x400.png
www.rssing.com/inc2/css/images/ 		262 B
995 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rssing.com/inc2/css/images/ui-bg_glass_75_e6e6e6_1x400.png
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/css/all.css?id=71
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27e561ff3d9747ec9398f85778d694cae2bb77b70c047b9c17f837c1d45b4c75
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rssing.com/inc2/css/all.css?id=71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
access-control-allow-methods
*
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2547776
content-security-policy-report-only
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
262
cf-request-id
0a9c51bc2800004e372b84a000000001
last-modified
Sun, 01 Jan 2017 20:57:15 GMT
server
cloudflare
etag
"106-5450eae0560c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yUoIseeRvrOcHRhjhc%2FUSFZILUx8zECQhm3US8RKPB%2BScABlNBK9MFQ927BKky5NGgytAAxdhyLKUZsqAXrKZDmA6lWyjaTWWktWIzN3gGmJTu4Fs0ujpKJ8A%2BNsAfUbHuvOzhJYWZU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme, Accept-Encoding
cache-control
max-age=2592000
content-security-policy
block-all-mixed-content
accept-ranges
bytes
cf-ray
65da524038934e37-FRA
access-control-allow-headers
*
expires
Fri, 11 Jun 2021 23:14:59 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1678255632&t=pageview&_s=1&dl=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&ul=en-us&de=UTF-8&dt=Shavlik%20User%20Community%20%3A%20All%20Content%20-%20Ivanti%20Patch%20for%20Windows&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=500989925&gjid=536161484&cid=1736917990.1623409075&tid=UA-17602094-1&_gid=198960400.1623409075&_r=1&gtm=2ou690&z=1277420878
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shavlik40.rssing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid-v4.38.0.js
assets.vlitag.com/prebid/default/ 		411 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623404854/0f8e9718699fbe484d62023a1d28b989.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58694600a9bb19ab424e8752ab649f1365563963d2541becd627f15045a107aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
91956
cf-polished
origSize=421400
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51bdde00003248df99c000000001
x-robots-tag
noindex, nofollow
last-modified
Mon, 10 May 2021 09:25:11 GMT
server
cloudflare
etag
W/"6098fbf7-66e18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=28Hab5dYmPd6ZZ%2B191rvcgXHlG2Yw%2FpNl7kQPv5G%2FjIFwjqUS8QuqcTmcb6DQeK7r1Npd3p4O%2F0KqBFw7UgKzYodipOAE5WxlgkIsnpXcOXRxnWzYDfDw0tHonRxXxF9JV9r3fM4dzgWmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
65da5242fe4a3248-FRA
expires
Thu, 10 Jun 2021 09:55:19 GMT
gpt.js
www.googletagservices.com/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623404854/0f8e9718699fbe484d62023a1d28b989.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffb6273334bf458133e8750475a0984a7360b978b996b611ac559c6a569e1863
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"899 / 347 of 1000 / last-modified: 1623404399"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21444
x-xss-protection
0
expires
Fri, 11 Jun 2021 10:57:55 GMT
viPlayer_v42.min.js
assets.vlitag.com/plugins/vlPlayer/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v42.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623404854/0f8e9718699fbe484d62023a1d28b989.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1605361
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51be250000536a2eb49000000001
x-robots-tag
noindex, nofollow
last-modified
Thu, 26 Nov 2020 03:46:23 GMT
server
cloudflare
etag
W/"5fbf250f-33d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XbZtG%2BA2%2BLOzZWM8G5wlsi7aeT92zddKvuGDV6a8QMjiZpS6OO7M%2BkSp05qo3McpxTBwXx7oRPRzJlPw8WLFcJDDNmN90h4q6VqJUXDHtGMGA%2FJ4ITu0e3NYELF4VsXx2hUUwc3s6IdTZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
65da52436e0e536a-FRA
expires
Sun, 23 May 2021 21:31:54 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		338 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623404854/0f8e9718699fbe484d62023a1d28b989.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dab395a64d1a6cba64d52ecd6524989fe041021e28556459c01bdad4123ce60f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118262
x-xss-protection
0
expires
Fri, 11 Jun 2021 10:57:55 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623404854/0f8e9718699fbe484d62023a1d28b989.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1605361
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51be3f0000536adfa86000000001
x-robots-tag
noindex, nofollow
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XCpsp4ddXe6njoi8u%2FYo5qewuHylXZp8%2FBDVuu4%2Bq3%2B2SlAETZ3FtAbvPuwgbo2x79rwkx%2ByKQVNUl3YIaAqVP74FGF%2FwemQRo6OgIeuSWlA09aexhCR%2FOhHk8GMTRlV7t6TIsusUf%2Bt1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
65da52439e66536a-FRA
expires
Sun, 23 May 2021 21:31:54 GMT
b.js
cdn.engine.4dsply.com/Scripts/MediaScripts/ 		172 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.engine.4dsply.com/Scripts/MediaScripts/b.js?v=4
Requested by
Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=e09c99be-cd96-4474-96cf-c961092fabe6
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:9e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
549ab2f9c2dfdee4dbc7632d379c03972b3a1ef2e130fb17f29052e080a117fe

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
gzip
cf-cache-status
HIT
age
19
x-powered-by
ASP.NET
p3p
CP="CAO PSA OUR IND"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51bc9100004a9102355000000001
last-modified
Fri, 11 Jun 2021 10:54:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*, Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-transform, max-age=731
cf-ray
65da5240e8bc4a91-FRA
expires
Fri, 11 Jun 2021 11:09:47 GMT
i.js
cm.adskeeper.com/ 		19 B
174 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i.js?consentData=&gdprApplies=1&cbuster=1623409075355726649952
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/s/rssing.com.1148396.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
gzip
cf-cache-status
MISS
x-mg-request-uuid
a1feeda9-5114-4258-ad04-cc70aea74830
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65da5243f9093329-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51be790000332961b4b000000001
server
cloudflare
i-noref.js
cm.adskeeper.com/ Frame 634A 		19 B
157 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i-noref.js?cbuster=1623409075360647066426
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/s/rssing.com.1148396.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
gzip
cf-cache-status
MISS
x-mg-request-uuid
9960b5f4-c797-4e58-8d90-502fb697cf69
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65da5244092a3329-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51be85000033295507b000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp
s-img.adskeeper.com/g/8193537/492x277/0x168x510x340/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8193537/492x277/0x168x510x340/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp?v=1623409075-tAI8QTgvx9wvleBX2XqNMTBTmwBcj9wSdYRqSeUtTQY
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f144441391ff81772d6f60ba9138e81f0a78f76739f2d123aa6d09cca8920f66

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
HIT
x-mg-request-uuid
8b8e3356-07c4-4686-8bab-9be28daa9887
age
2419540
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
42384
cf-request-id
0a9c51be8c000033298436f000000001
last-modified
Tue, 11 May 2021 10:33:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65da5244194f3329-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.adskeeper.com/g/8164865/492x277/0x0x900x600/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8164865/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1623409075-CD5d-H2Hd-Hv7bmBVwS6llXWAoWc_OpslhEaMdVC2zo
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d50c76f222ed812d0aef55d3b7fe52f4ea68565e14496a8d8e52fb290be7bc3e

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
HIT
x-mg-request-uuid
965f7ba6-d987-4f86-829d-e6f520240b45
age
2419508
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
19190
cf-request-id
0a9c51be9300003329890a3000000001
last-modified
Tue, 11 May 2021 10:37:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65da524419723329-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.adskeeper.com/g/8193525/492x277/0x311x684x456/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8193525/492x277/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1623409075-gNhPj80XsUZViEAI37Yc6I7ZCIDUQr6IqKCmmmbH4iU
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36fc5362005c0957298b05c5d8f7386fe809078d5c1e2153df608157592ecf5a

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
HIT
x-mg-request-uuid
1596fa85-7497-483e-97cd-5d0cdfc90d9c
age
2419549
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
14808
cf-request-id
0a9c51be9500003329cc9cb000000001
last-modified
Tue, 11 May 2021 11:20:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65da524429783329-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp
s-img.adskeeper.com/g/8193526/492x277/0x26x798x532/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8193526/492x277/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1623409075-FoFeL1gjWylp2wJVOONgEJIWU8xTLW52siuxonLd6n4
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
834bcb70b8df1fa7df6d4b308cbad725cd6d85b6d5b719f75b5497b6d2587433

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
HIT
x-mg-request-uuid
239abe36-12b7-45e4-8f42-ead0dbb003c4
age
261006
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
15746
cf-request-id
0a9c51be9800003329b394d000000001
last-modified
Tue, 11 May 2021 11:21:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65da5244297f3329-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzFjMDgwZWRhYWYxOGQwYWFhZmI4NDNjMWJjZTZkZDhkLnBuZw.webp
s-img.adskeeper.com/g/8193536/492x277/24x0x530x353/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8193536/492x277/24x0x530x353/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzFjMDgwZWRhYWYxOGQwYWFhZmI4NDNjMWJjZTZkZDhkLnBuZw.webp?v=1623409075-M3JrUvsGx1_wKJ0NOIpQlB4Hj-ERLpjrQo415hWLb1w
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5cef3d2006a83d93c1672697f64fd54a4fe155162142cd3d8b573b7bfc70315

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
HIT
x-mg-request-uuid
5f7c25c0-d9c2-48bc-9792-b31db868917b
age
2419537
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13664
cf-request-id
0a9c51bea0000033297f84c000000001
last-modified
Tue, 11 May 2021 10:39:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65da5244399b3329-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzE5NjUwY2MzN2JlYTZjYjgzYzhmMGRiMTcyYmJiMWU3LmpwZWc.webp
s-img.adskeeper.com/g/8164925/492x277/0x82x639x426/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8164925/492x277/0x82x639x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzE5NjUwY2MzN2JlYTZjYjgzYzhmMGRiMTcyYmJiMWU3LmpwZWc.webp?v=1623409075-vmz1I55NfswsiKRgBE9RMmDvTQEKgpdTU6biyPjBF_c
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d37d9dee51545d0a63d919e58e51a9b8ecff8f8c75606465d859204d113756c

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
HIT
x-mg-request-uuid
80b067e7-965c-41ca-86b7-9117ce40a2c1
age
2217231
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
20592
cf-request-id
0a9c51bec00000691e49b02000000001
last-modified
Tue, 11 May 2021 10:32:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65da524468bc691e-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp
s-img.adskeeper.com/g/8164868/492x277/0x183x565x376/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8164868/492x277/0x183x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp?v=1623409075-u7FOc9gtqTdQ68m4X-ONJ9TkTg2Lz7kjquo4jxfSwJ0
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535ad238c9a291aa3e4d7e24cf16ad7c96398bb1f9a8e3590320daab393a2262

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
HIT
x-mg-request-uuid
6dab8a03-db91-46f3-bbf4-fa096c330361
age
2419474
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
17696
cf-request-id
0a9c51bebf0000691e6caa4000000001
last-modified
Tue, 11 May 2021 11:25:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65da524468bb691e-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzJmYzI5NzEyY2Y1ZmY5NDlkZjUwYzg4NzFkMzc5OTA2LmpwZWc.webp
s-img.adskeeper.com/g/8164863/492x277/0x0x561x374/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8164863/492x277/0x0x561x374/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzJmYzI5NzEyY2Y1ZmY5NDlkZjUwYzg4NzFkMzc5OTA2LmpwZWc.webp?v=1623409075-jb5o7QGaia6ohD-aPkEtdIaPB8-llChh7bOE_sNJ3VI
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c6b352ee76cf949d5a8e1f209492e80cd72a6fdf32ffe6fa8cac26ac7993be2

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
HIT
x-mg-request-uuid
a227c336-80e7-4210-b891-b86fe2a373db
age
2419526
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
21822
cf-request-id
0a9c51bec10000691e58134000000001
last-modified
Tue, 11 May 2021 10:27:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65da524468c0691e-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp
s-img.adskeeper.com/g/8193521/492x277/0x168x565x376/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8193521/492x277/0x168x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp?v=1623409075-Dzxv2ZstijO4hlOAYnvdbPHvisgi5adtCNVP-VWI5Nw
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a2dd0cc83810d44e75df5de8fa9372d8809a1c25d38f5a912ad25117fe5d6

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
HIT
x-mg-request-uuid
a75c0943-cdf1-4519-91e6-22a20b948a32
age
2419327
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10700
cf-request-id
0a9c51bec20000691e66b04000000001
last-modified
Tue, 11 May 2021 11:20:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65da524468c1691e-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp
s-img.adskeeper.com/g/8164901/492x277/0x65x849x566/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8164901/492x277/0x65x849x566/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp?v=1623409075-tk4wOqsKZpwck5cqlpmjOrCaWx1ZcQCtc_rUYqXa470
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ee1cdc7144e4539afae36a7be015b7d83711f150f767eff5fd896d92060aa2

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
HIT
x-mg-request-uuid
5f63b34f-4725-4e68-9321-fe433bc72462
age
2419489
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12968
cf-request-id
0a9c51bec00000691e511ef000000001
last-modified
Tue, 11 May 2021 10:36:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65da524468bd691e-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp
s-img.adskeeper.com/g/8164911/492x277/32x5x928x618/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8164911/492x277/32x5x928x618/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp?v=1623409075-70dDjTbWka4MkMl1HxtVHNwaacGlxRsY39y9muHt-68
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be634f677ccb5ec45c00ec648b8b47529b36779c1888da92e8a6876f5a8decc7

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
HIT
x-mg-request-uuid
668565f6-15a5-4f48-94a2-87cc7f189ed6
age
2419557
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5990
cf-request-id
0a9c51bec10000691e4a350000000001
last-modified
Tue, 11 May 2021 10:29:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65da524468be691e-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2E4NDA5NTEwMTIzMTAwNWVmMTM2YjAzM2UyMDFlNTU5LnBuZw.webp
s-img.adskeeper.com/g/8164888/492x277/0x82x614x409/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8164888/492x277/0x82x614x409/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2E4NDA5NTEwMTIzMTAwNWVmMTM2YjAzM2UyMDFlNTU5LnBuZw.webp?v=1623409075-AWzbFl3vuX_QVHgWqqzBg7c6hJ175E9wx7OlY06NAAI
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
111f1b12a92609af7eb2019b4c0e41b44c8f4970cc13341ed286f85ceb88df6a

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
HIT
x-mg-request-uuid
c48158f9-d5e8-4dbe-bff1-2b142fdaab6f
age
2419563
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
11574
cf-request-id
0a9c51bec10000691e47a9d000000001
last-modified
Tue, 11 May 2021 10:37:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65da524468bf691e-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC83NmYzY2UwMTgyMWQ4MTk2ZGU2YmRmMTNkYTAxYmMyMi5qcGVn.webp
s-img.adskeeper.com/g/8193509/492x277/0x8x617x411/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8193509/492x277/0x8x617x411/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC83NmYzY2UwMTgyMWQ4MTk2ZGU2YmRmMTNkYTAxYmMyMi5qcGVn.webp?v=1623409075-4WREuUn2aBCwoqOJ_X2IOoWBtcLMFf1D0ji5pm-7nNQ
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34cc3acda298bfaea659208aaa48823b853b6f899422865714bce1750787ec0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
HIT
x-mg-request-uuid
fc0fb831-1127-4efe-ad7d-6e1fab46f80a
age
2419422
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
41462
cf-request-id
0a9c51bec20000691e47167000000001
last-modified
Tue, 11 May 2021 11:20:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65da524468c5691e-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp
s-img.adskeeper.com/g/8164889/492x277/0x124x565x376/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8164889/492x277/0x124x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1623409075-z_lsX8U27nxl9ky26qQr7Nqu2n9T_xluG4b_Qiuw4yY
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17c2af45e49d12ee6a70be5a408c480a23d4820c344531d26c30890257bc0eae

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
HIT
x-mg-request-uuid
d56c3910-0713-4da8-b8c0-26538992d6a6
age
2419549
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
15682
cf-request-id
0a9c51bec20000691e51964000000001
last-modified
Tue, 11 May 2021 11:20:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65da524468c4691e-CDG
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmM...
s-img.adskeeper.com/g/8164852/492x277/-/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8164852/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNTE5MWMwNjk4OTRkYzZmMzU0N2QwODgzZjFjMmJiZDguanBn.webp?v=1623409075-BUXfKqA2mKLD6AE00iQIq8mS6w41oDJANdn6JBnNoS8
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94107a8c31d8a5e706e805defa4f5b486fe0d24861e36ad7372da7511f8d1b79

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
cf-cache-status
HIT
x-mg-request-uuid
ee076dc3-8815-448c-96eb-1aa4cc76a732
age
2419478
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
20328
cf-request-id
0a9c51bec60000691e66b05000000001
last-modified
Tue, 11 May 2021 10:33:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65da524468c2691e-CDG
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
55B3FEF853787171
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=20766
accept-ranges
bytes
content-length
948
x-amz-id-2
Q642xTOmaMfnUx2ik9Ebqcgrzdt4CToIbGwQRcj5CmFnPJgGu8/7rMnrJ24M1JCzksF1mp5w/wU=
_ate.track.config_resp
v1.addthisedge.com/live/boost/mywesharemanager/ 		2 KB
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/mywesharemanager/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8b22ebd3831513f7c16436da86584e07ef8cf59dd0de860603ef0c391e99b371

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
gzip
etag
-1672129713--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=27, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
622
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210611
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a4b216de5c62c0596dcf6ad0eb0d7654ed55061ef55fb01f719cd5bb75eeaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
28601
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51be9900004edff1b65000000001
x-served-by
cache-fra19179-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"69f-d3V9Z+IxdKC5un7uabv9c2nVjTI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
65da52442dd04edf-FRA
ROS
ads.us.e-planning.net/hb/1/2c995/1/shavlik40.rssing.com/
Redirect Chain
  • https://ads.us.e-planning.net/hb/1/2c995/1/shavlik40.rssing.com/ROS?rnd=0.492194697911404&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&r=pbj...
  • https://ads.us.e-planning.net/hb/1/2c995/1/shavlik40.rssing.com/ROS?ct=1&rnd=0.492194697911404&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&...
677 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/shavlik40.rssing.com/ROS?ct=1&rnd=0.492194697911404&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&gdpr=1&gdprcs=
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
a8c451552af69e8b4566f73f1da49782ae1bd21fcfc852ea6503350e045268a1

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shavlik40.rssing.com
expires
Fri, 11 Jun 2021 10:57:55 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
677
x-sid
AMS-739

Redirect headers

date
Fri, 11 Jun 2021 10:57:55 GMT
server
openresty
access-control-allow-origin
https://shavlik40.rssing.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/shavlik40.rssing.com/ROS?ct=1&rnd=0.492194697911404&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-739
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shavlik40.rssing.com
date
Fri, 11 Jun 2021 10:57:55 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Fri, 11 Jun 2021 10:57:55 GMT
server
envoy
vary
origin
access-control-allow-origin
https://shavlik40.rssing.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
trinity.json
apex.go.sonobi.com/ 		94 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22812847d5a6cc0e%22%3A%22aebb700756e336ba0c5e%7C728x90%2C468x60%22%7D&ref=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&s=b6289f6a-889c-4ade-ac52-f20ef87f473d&pv=913ded8c-0738-413a-9bfd-d75034e59514&vp=desktop&lib_name=prebid&lib_v=4.38.0&us=0&ius=1&gdpr=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22interdogmedia.com%22%2C%22sid%22%3A%225312%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
fc198c155465e4c9387ea08982c849c6819ab02ae5a8f9fe4068014aa0d6522b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:57:55 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://shavlik40.rssing.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
119
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
quantumdex
useast.quantumdex.io/auction/ 		0
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Jun 2021 10:57:56 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://shavlik40.rssing.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NguIr%2B20dibjQQ0LafiOZbJYOrlV%2BYYiXqnG2PZdqq1YXhqLXObEK2lvgk3S%2FNyEZlw6KvMc4jwqEnyxgpF8JSbGV8GogPxxY5B8SyyR1ZLBR0ORRT8G%2BCap20sL6Xts9%2BTGQ5yLYjj7Me6Taw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
65da5244488d4a6e-FRA
cf-request-id
0a9c51beaf00004a6ead1ac000000001
ROS
ads.us.e-planning.net/hb/1/2c995/1/shavlik40.rssing.com/
Redirect Chain
  • https://ads.us.e-planning.net/hb/1/2c995/1/shavlik40.rssing.com/ROS?rnd=0.492194697911404&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&r=pbj...
  • https://ads.us.e-planning.net/hb/1/2c995/1/shavlik40.rssing.com/ROS?ct=1&rnd=0.492194697911404&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&...
677 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/shavlik40.rssing.com/ROS?ct=1&rnd=0.492194697911404&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&gdpr=1&gdprcs=
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
a8c451552af69e8b4566f73f1da49782ae1bd21fcfc852ea6503350e045268a1

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shavlik40.rssing.com
expires
Fri, 11 Jun 2021 10:57:55 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
677
x-sid
AMS-739

Redirect headers

date
Fri, 11 Jun 2021 10:57:55 GMT
server
openresty
access-control-allow-origin
https://shavlik40.rssing.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/shavlik40.rssing.com/ROS?ct=1&rnd=0.492194697911404&e=728x90_0%3A728x90%2C468x60&ur=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-739
trinity.json
apex.go.sonobi.com/ 		95 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2214d34c1e969ccd9%22%3A%22aebb700756e336ba0c5e%7C728x90%2C468x60%22%7D&ref=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&s=e40cfde5-14e8-49ab-9328-76b1b02bf88e&pv=913ded8c-0738-413a-9bfd-d75034e59514&vp=desktop&lib_name=prebid&lib_v=4.38.0&us=0&ius=1&gdpr=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22interdogmedia.com%22%2C%22sid%22%3A%225312%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
7a1117ff2ebb99a928ecc4478079eebc9d3a6f616586827d1163c68b566989a2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:57:55 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://shavlik40.rssing.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shavlik40.rssing.com
date
Fri, 11 Jun 2021 10:57:55 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Fri, 11 Jun 2021 10:57:55 GMT
server
envoy
vary
origin
access-control-allow-origin
https://shavlik40.rssing.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
quantumdex
useast.quantumdex.io/auction/ 		0
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Jun 2021 10:57:56 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://shavlik40.rssing.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AOc%2FEECTaF16s4TT7pJx1uc3hu7PchcPNH7Sh%2FZmnMOYvlFJaeH1C2Ll%2FPJTJyU8nlvIyEMVU0YivmfwOez5aXOuujdrvNI7y896WcGjayMUl5tg1IUDuMRXpDvBnYf6WuiDciajMmwnhbWt8g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
65da524448904a6e-FRA
cf-request-id
0a9c51beaf00004a6ed9193000000001
req1234.php
a.rssing.com/ 		44 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.2481139350569932&i=21784001&r=2118&h=537760374&u=%2F%2Fcommunity.shavlik.com%2Fservlet%2FJiveServlet%2FdownloadImage%2F102-23049-20-1291%2F620-157%2Fmissing%2Buninstaller.png&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:57:56 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VDoBTrM3RWZugXE8Bi8wl28tuWRzfDs58JeQo4n4aLa%2BichZ67bEbldxYPwaxNnJUHDydkpBRMv6DbRVf0SpnuY6Q545ggd2a5M7S1VhPTpew5AjWvcEu%2B%2BV5s6bFGdyUFoECR79"}],"group":"cf-nel","max_age":604800}
cf-ray
65da524449ac4dfa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51beae00004dfa39840000000001
missing+uninstaller.png
community.shavlik.com/servlet/JiveServlet/downloadImage/102-23049-20-1291/620-157/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23049-20-1291/620-157/missing+uninstaller.png
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
req1234.php
a.rssing.com/ 		44 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.5546615864546449&i=21784001&r=2123&h=1559294407&u=%2F%2Fcommunity.shavlik.com%2Fservlet%2FJiveServlet%2FdownloadImage%2F102-23376-20-2202%2F620-499%2FCustom%2Bproduct.PNG&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:57:56 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=l8qnTzuNIhHU8qdHQS1rBcirxWamm39zfASYQCK2WmEQ9iMhHS5%2F3PJBycmutDtaw39RV%2F5wypZaBh6z1zB4XQLYwHOLxhTJw25PLsOAPeo5xN2R5WIq6abibax3IOm%2FahUsGFTd"}],"group":"cf-nel","max_age":604800}
cf-ray
65da524449b04dfa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51beae00004dfa008dc000000001
Custom+product.PNG
community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2202/620-499/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2202/620-499/Custom+product.PNG
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ina.webp
www.rssing.com/inc2/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rssing.com/inc2/img/ina.webp
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20ae96b79ae5261035666bd241755f51ba69786c44b28aa8dab0e9d5bd6d69a9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:55 GMT
access-control-allow-methods
*
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
127079
content-security-policy-report-only
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51beae00004e371c01b000000001
last-modified
Sun, 19 Jul 2020 00:07:16 GMT
server
cloudflare
etag
W/"1408-5aac02c3d0efb-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Dt%2BsD50E4cvTB2X3Ji6aXXZjmW8UgFxtk%2BYpnMEIsDeQBpLo%2FvCUf3EoC6TBNIl5Es9oJzNlk5Jm0ZgNLLefGezNOGfXQIiT76k4Va%2BcDYBE9Iyer%2BITxiGqZC5kdLx24Rm59eJE03E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme,Accept-Encoding
cache-control
max-age=172800
content-security-policy
block-all-mixed-content
cf-ray
65da52444a0c4e37-FRA
access-control-allow-headers
*
expires
Fri, 11 Jun 2021 23:39:56 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Fri, 11 Jun 2021 10:57:55 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
/
tag.vlitag.com/passback/ Frame 6461 		0
620 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/passback/?t=1623404854&d=1368&z=19080&divID=vi_136819080_263&w=728&h=90
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623404854/0f8e9718699fbe484d62023a1d28b989.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:56 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1518
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0a9c51bfbc0000536afd927000000001
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=W3LA%2Fvr6GzkGhLrvPzSG39OyL%2BFj7BoZ23TIVO%2BZ90qLYitSzk2dplLN9qOtN23KJkNJ%2Bp0P%2F7uGPR8D7%2FRNB6Jf04wzN2m0EDl65%2BuRyIYpxkxitFNKDp6q0oDgtALLGRYSkNNfFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
65da5245fbd6536a-FRA
/
stats.vlitag.com/pi/ Frame 6461 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.vlitag.com/pi/?e=zdNUZBKUUtt-ZUKe-PwBY-wtAr-ZaPYMaqTtUTARzNhqllwqe0RrNTBUMRmNTaAMARrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623404854/0f8e9718699fbe484d62023a1d28b989.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:56 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kD3vRQe8g250hup25Ib3gJIQdotMKzek8aHGTcmf8GfZzfzbgGkFZ7UoW6%2BDZ2I6y2EZRSOd7rNTFN1dAmtAmobZb516Dg5WXYl3bXTCuiaaFlJx4MJGHnC6aK4pxlTnnYUXLIB%2Fna6T"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
65da52460c1b3248-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0a9c51bfc300003248caa79000000001
js
www.googletagmanager.com/gtag/ Frame FA8B 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623404854/0f8e9718699fbe484d62023a1d28b989.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
deac8492ec6806c4b8a2ca07f7d26c5e4faf78fe6a80090c57742005daf939c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36067
x-xss-protection
0
last-modified
Fri, 11 Jun 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Jun 2021 10:57:56 GMT
/
tag.vlitag.com/passback/ Frame 3947 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/passback/?t=1623404854&d=1368&z=19080&divID=vi_136819080_847&w=728&h=90
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623404854/0f8e9718699fbe484d62023a1d28b989.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:56 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=00XUTnMAm7xj6kTl25tDKE5WgguEpbKSb60yphUhS7k83q9W6MFHj%2FpFrmAh7rmOJbHjJxpwycP8mfCQl7d9v%2F%2BaAEoV7eqMJZNk1HyttUcciq0gFBxMEPwhfoB7MN%2BVlwPgiH1zHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-request-id
0a9c51bfce0000536ae03e3000000001
accept-ranges
bytes
cf-ray
65da52461c14536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
/
stats.vlitag.com/pi/ Frame 3947 		0
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.vlitag.com/pi/?e=zdNZtYUKayw-YeKY-PyrZ-weKP-YwZBMAKeYqABRzNhqllwqe0RrNTBUMRmNTaAMARrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623404854/0f8e9718699fbe484d62023a1d28b989.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:56 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tTHRP97Q2%2FHnBMl18DlW4E23NRwlhHlQfHFT6vA5iz6dcc76TPwVtRIpbEQtpFHE9Mcigk15SrsJig%2FUszSScS%2FyvCvvyYXEuTwz8UQC7J%2BRkTqeig6dcVrNoEyQq3iG6tElfqlB90HL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
65da52461c473248-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0a9c51bfce000032482bb31000000001
analytics.js
www.google-analytics.com/ Frame FA8B 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3435
date
Fri, 11 Jun 2021 10:00:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 11 Jun 2021 12:00:41 GMT
collect
www.google-analytics.com/j/ Frame FA8B 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=168506773&t=pageview&_s=1&dl=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&ul=en-us&de=UTF-8&dt=noBid_rssing.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=rssing.com&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=740084381&gjid=726679578&cid=1736917990.1623409075&tid=UA-128776493-30&_gid=198960400.1623409075&_r=1&gtm=2ou690&z=1104166436
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shavlik40.rssing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame FA8B 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=168506773&t=pageview&_s=2&dl=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&ul=en-us&de=UTF-8&dt=noBid_rssing.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=rssing.com&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=1736917990.1623409075&tid=UA-128776493-30&_gid=198960400.1623409075&gtm=2ou690&z=1525426794
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 09:47:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4215
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
req1234.php
a.rssing.com/ 		44 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.31285053740672675&i=21784001&r=2123&h=1469816444&u=%2F%2Fcommunity.shavlik.com%2Fservlet%2FJiveServlet%2FdownloadImage%2F102-23376-20-2203%2F620-446%2FBulletin.PNG&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:57:57 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Kk4xgnxJqgQD4EgahWbABJPtwlZib%2BqbESwnDovyhvR%2FUaA81MlvBq4wt%2F5wwKIHzi1t4WZYV6OVSpaMptaMmrTnnuZV0DupvCoy3tc2OJ8DsWd%2BfSLbUG8mub5DN9Qeca3V40J%2F"}],"group":"cf-nel","max_age":604800}
cf-ray
65da52482c124dfa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51c11b00004dfa0b21a000000001
redirect.aspx
community.shavlik.com/
Redirect Chain
  • https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2203/620-446/Bulletin.PNG
  • https://community.shavlik.com/redirect.aspx?url=https://forums.ivanti.com
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com/redirect.aspx?url=https://forums.ivanti.com
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
Date
Fri, 11 Jun 2021 10:57:16 GMT
X-Frame-Options
DENY
Content-Type
text/html; charset=utf-8
Location
/redirect.aspx?url=https://forums.ivanti.com
Cache-Control
private
Content-Security-Policy
default-src 'none'; script-src 'self'; img-src 'self'; style-src 'self'
Content-Length
173
X-XSS-Protection
1; mode=block
req1234.php
a.rssing.com/ 		44 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.12432671685490027&i=21784001&r=2123&h=1653235540&u=%2F%2Fcommunity.shavlik.com%2Fservlet%2FJiveServlet%2FdownloadImage%2F102-23376-20-2204%2F620-447%2FCustom%2Bpatch.PNG&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:57:58 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TGaipUvYwiDr9DMbcO3x%2BEOv%2B9PWn1xOdxgnf5RythvI1Gog1BWeC%2F6AivsmkhikDC68dhzDqxl7ZTFNwMrVzGtPq971Ek%2BN0K87CAVIbERN6VcT08vb8HbgmmSZ0YFhsQrexCEN"}],"group":"cf-nel","max_age":604800}
cf-ray
65da524cd8e54dfa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51c40500004dfa553d1000000001
Custom+patch.PNG
community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2204/620-447/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2204/620-447/Custom+patch.PNG
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
request.php
www.rssing.com/ 		2 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rssing.com/request.php?req=iinfo&ii=aa29864668c0c543733023c1c1bca8742761c1533c2025007338c-1c-1bca63014280c205c2011232230c1024c576bca56147506c33890c761173176c1200c900bca37170478c1182c1292509034c400c400bca7954152c4882c1278932974c130c30bca25961306c291c1279649316c800c573bca55595602c2c1594761747c320c212bca1077130c11001c1019392439c480c360bb
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.21
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.21
content-security-policy-report-only
access-control-allow-methods
*
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51c64700004dfa353de000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BTUHkWM3b8Jr2gCT%2FQ5FKMXEt%2BEf2i6oppQmQsraR5s6dhfaUNR1Y4YwbwFiJdBYQG2FO1rZ8l3BqBgEKKR1eTmM1xPPCJmpKYPkP%2FjGCmVd6DBpwP7PgGb9Ez8MAN5oS9x7NmmKlG4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
vary
CF-Connecting-IP,X-Nginx-Scheme,Accept-Encoding
cache-control
max-age=0
content-security-policy
block-all-mixed-content
cf-ray
65da52507ae44dfa-FRA
access-control-allow-headers
*
expires
Fri, 11 Jun 2021 10:57:58 GMT
req1234.php
a.rssing.com/ 		44 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.9724646467772093&i=21784001&r=2123&h=791366387&u=%2F%2Fcommunity.shavlik.com%2Fservlet%2FJiveServlet%2FdownloadImage%2F102-23376-20-2205%2F620-484%2FFile%2BDetails.PNG&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:57:58 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ub%2BfJppt8VQ%2BejH6uB%2FTJAk1mIg592rrdUIhWJLIcl%2BopjIZR958tPM12S15aPn1qryc%2FtqfFb9A6TjqlJ0LqXpWQrmv3v%2BY%2FDYYG7DzvnQYPrJ6oXp06KCqRyM3jZcK9PJTL5PK"}],"group":"cf-nel","max_age":604800}
cf-ray
65da52508b2b4dfa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51c65900004dfa14881000000001
File+Details.PNG
community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2205/620-484/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2205/620-484/File+Details.PNG
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
req1234.php
a.rssing.com/ 		44 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.8250454906788924&i=21784001&r=2123&h=406542194&u=%2F%2Fcommunity.shavlik.com%2Fservlet%2FJiveServlet%2FdownloadImage%2F102-23376-20-2206%2F620-499%2FTargeting.PNG&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:57:58 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yDTBJa%2BeI%2BfEA6EoghlErLhonrdP%2BSnyJG1YQ1MCy56w6ty1gjdYWf1NcAv0syhXJ0Kj0Y7IxdJxBz8jA40aFAWzxrvDEU5ppgnUIGJpxIXuiZ1O%2BIWmOOvL6TpNqDNvNmRpx%2F0g"}],"group":"cf-nel","max_age":604800}
cf-ray
65da52543d7c4dfa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51c8a200004dfa21333000000001
redirect.aspx
community.shavlik.com/
Redirect Chain
  • https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2206/620-499/Targeting.PNG
  • https://community.shavlik.com/redirect.aspx?url=https://forums.ivanti.com
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com/redirect.aspx?url=https://forums.ivanti.com
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
Date
Fri, 11 Jun 2021 10:57:17 GMT
X-Frame-Options
DENY
Content-Type
text/html; charset=utf-8
Location
/redirect.aspx?url=https://forums.ivanti.com
Cache-Control
private
Content-Security-Policy
default-src 'none'; script-src 'self'; img-src 'self'; style-src 'self'
Content-Length
173
X-XSS-Protection
1; mode=block
/
spl.zeotap.com/ Frame 30C1 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de750f5a476ca13b2ef6e73c92e936ea35a2ab057553b5c353a04040e74e1409

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shavlik40.rssing.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shavlik40.rssing.com/

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://shavlik40.rssing.com
set-cookie
zc=6cf49440-70c5-4c60-7d76-081d4166477b; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%BD%603%8C%A7U%B67%2F%7Cd%7F%876%60%D6%DF%23K%A3%93W%A6%DA%B8%E3%F2%DC%21%B9%06%01%60%88%2C%3D%1Eiz%15UK6Lh%ECvQ%00a%D7%80%B3%0F%ABO%10%DA%7F%94%D5%95%2C9%00%BB%D7%E0%40%15%1B%AE%04A%FF%27%CF%BC%3A%8A%E66%8D%EF%E5%A8%8F%0Al%24%3E%8F%F6%B2%A7Et%29%CF%85J%AE%D9c5%E1r%F4L%CDL%9C%1Cxm%F8%9AF%3Co%28%AFB%9D1%BA0%9D%11%87%EA%B5%C57%DAU%91%2A%C3%BF%EFf%CF%17U%8E%80%7B%D0%17jL%8Aw%FAN%B0Y%3E%A0%A6%80%7C%2B%82i%A4%84; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0a9c51cb890000c27caa13b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65da5258dbc3c27c-FRA
content-encoding
br
/
spl.zeotap.com/ Frame F57E 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
324d38a4f88db95f565747f181b62c1928cf009804a150975b9d3197ac724693

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shavlik40.rssing.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shavlik40.rssing.com/

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://shavlik40.rssing.com
set-cookie
zc=8aad5ec6-0351-4905-6784-b2cece3d271e; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=Z%C6%CD%E5%CB%883%A7%F6%7C%05%A0w%1B%CE%D3%04%C7%D0r%C8%22G%C9%0AJ%0B%8A%16%BE%10%00%C0F~7%97+V%93R%24%2C9%9ED%F4%AD%3D%23%E2%DE%8A%F9%E5%3D%83b%D1%7F%7Fo%82%AE%08Q%D8y%D1%BA%1E%7B%0C0%A4%CB%5B%B7%106%DA%B9%1F%0C%21%E5%CE%22r%B8D%84%E3%BA%A9%22xw%C2%5D%E3%A5%24k%B5%2F%ACZ%B6%E3%93%BC%AA%81F%8D%E6%B0%DC%5D%96%A8%B2%D9G%FD%25%F1%9Br%3A%7D%14%19%88zM%12%AE%9F%DBd%DDE%F5%B5%BF%F8%3DV%D3c%01%29_%BE%C9%B8%E9e%EE%B1%11%82%B5VT%5E; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0a9c51cb8a0000c27cf41b8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65da5258dbc5c27c-FRA
content-encoding
br
quantumdex
sync.quantumdex.io/usersync/ Frame DA49 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2997bc14c16c7342737a75d153b49c2106d67f74f1a375229816a5dd5b5f5e0a

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shavlik40.rssing.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=54d3a86f-48a6-42cb-905f-b9b2892201b5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shavlik40.rssing.com/

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
content-type
text/html
set-cookie
uid=54d3a86f-48a6-42cb-905f-b9b2892201b5; expires=Thu, 01 Jul 2021 10:57:59 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0a9c51cb7c00004a6ebfafc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=q3iSI8gBxgr1X9BriUUmw5ziuBMpyXE%2BNkIIWqeNTBzFWSU%2FPqSkr8QgpJ5s95TMs51DUOiTL4DmizGupZ7DNx3Fp8CqA%2BZIRkzvW3SCSyFjhLWPbDRmJOccRL1i1gY8u38cNSFt1C63E3Q%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65da5258cc504a6e-FRA
content-encoding
br
quantumdex
sync.quantumdex.io/usersync/ Frame 853F 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
051539dec31ebbbbef392c29413e79314ab7d04b26c1a3e0a53f08af1d722c8f

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shavlik40.rssing.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=54d3a86f-48a6-42cb-905f-b9b2892201b5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shavlik40.rssing.com/

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
content-type
text/html
set-cookie
uid=54d3a86f-48a6-42cb-905f-b9b2892201b5; expires=Thu, 01 Jul 2021 10:57:59 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0a9c51cb7b00004a6ef1085000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=APrQujKV7wcCmN78reUxF%2Fc77RwdFisD%2FDwsiLDtS2AviqFR%2B2MAMxIfziWDpcOtgTciO0pAbHyv2myU7xD%2F7r%2Bpwk1ipqyej6Vznb9f%2FxO5qBDiKprLNo9mGbgXVFlyR4n7WjiSBBvBVSo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65da5258cc484a6e-FRA
content-encoding
br
um
u-ams02.e-planning.net/
Redirect Chain
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D26a19ecf100f6a11
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=26a19ecf100f6a11&uid=020000009B41C3600F16BE7002205910
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=26a19ecf100f6a11&uid=020000009B41C3600F16BE7002205910
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=26a19ecf100f6a11&uid=020000009B41C3600F16BE7002205910
date
Fri, 11 Jun 2021 10:57:31 GMT
server
nginx/1.20.1
content-type
text/html
content-length
145
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
um
u-ams02.e-planning.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D26a19ecf100f6a11%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D26a19ecf100f6a11%26uid%3D%24UID&sovrn_retry=true
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=26a19ecf100f6a11&uid=921a2564ea3e6b106eb80d1b
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=26a19ecf100f6a11&uid=921a2564ea3e6b106eb80d1b
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Fri, 11 Jun 2021 10:57:59 GMT
Server
nginx
Location
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=26a19ecf100f6a11&uid=921a2564ea3e6b106eb80d1b
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
um
sync.e-planning.net/
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3175432216
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3175432216
  • https://sync.1rx.io/usersync/tradedesk/e0e65c91-f285-4edd-b20a-05a825954a3b
  • https://sync.targeting.unrulymedia.com/csync/RX-504e2e31-51fa-493d-8792-f6d049bde754-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-504e2e31-51fa-493d-8792-f6d049bde754-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-504e2e31-51fa-493d-8792-f6d049bde754-003&dc=1079cc634ca638f8&iss=1
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-504e2e31-51fa-493d-8792-f6d049bde754-003&dc=1079cc634ca638f8&iss=1
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:02 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-504e2e31-51fa-493d-8792-f6d049bde754-003&dc=1079cc634ca638f8&iss=1
date
Fri, 11 Jun 2021 10:58:02 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX504e2e3151fa493d8792f6d049bde754003
content-type
text/html
req1234.php
a.rssing.com/ 		44 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.2977786987635105&i=21784001&r=2123&h=1424182529&u=%2F%2Fcommunity.shavlik.com%2Fservlet%2FJiveServlet%2FdownloadImage%2F102-23376-20-2207%2F620-446%2FDeployment%2Binfo.PNG&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=soTX%2FoOfdcYIiby0%2F1oa2z3%2BmiWPrPs4V%2Fsk3ktq%2FYrgOIQsGersUuvHvYexH4jsQekp8kcb09Oq2KqA9iig3McXP6%2BElVdQG1ewTj2sLz9lSdvEhReqCTt4yXE%2B5ojzMyF%2FvhxP"}],"group":"cf-nel","max_age":604800}
cf-ray
65da5258fb464dfa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51cba000004dfafba93000000001
Deployment+info.PNG
community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2207/620-446/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2207/620-446/Deployment+info.PNG
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
getuid
ib.adnxs.com/ Frame 30C1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 30C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-7...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEEINK1vSyjnv72JysVWay98&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe87...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEEINK1vSyjnv72JysVWay98&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da5259fdb2c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cc400000c27c0d33a000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEEINK1vSyjnv72JysVWay98&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 30C1
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=c0a7c9d4-2887-4df3-abf7-109610cb2cec&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049...
95 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=c0a7c9d4-2887-4df3-abf7-109610cb2cec&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52598cf1c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cbf90000c27cacbe8000000001

Redirect headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=c0a7c9d4-2887-4df3-abf7-109610cb2cec&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
alt-svc
clear
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 30C1 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:59 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 30C1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De...
  • https://mwzeom.zeotap.com/mw?cid=e0e65c91-f285-4edd-b20a-05a825954a3b&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=e0e65c91-f285-4edd-b20a-05a825954a3b&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525a3e0dc27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cc630000c27c9a8a7000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=e0e65c91-f285-4edd-b20a-05a825954a3b&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 30C1 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1623409079.259641,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11577-HHN
u
dmp.v.fwmrm.net/ad/ Frame 30C1 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:2::49 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:57:59 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 30C1 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De7fe879a-9f67-4049-75b6-f349e0fe4f22%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 30C1
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=f0a7b541-4427-4467-b74d-eb4bb1f4ead2&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=f0a7b541-4427-4467-b74d-eb4bb1f4ead2&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525a2dfbc27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cc620000c27cffb25000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:59 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=f0a7b541-4427-4467-b74d-eb4bb1f4ead2&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 30C1
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6cf49440-70c5-4c60-7d76-081d4166477b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6cf49440-70c5-4c60-7d76-081d4166477b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=26683112261451962451255180073320464952&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-...
95 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=26683112261451962451255180073320464952&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525a9eb8c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cc9b0000c27c99990000000001

Redirect headers

DCS
dcs-prod-irl1-1-v008-0cc7187a7.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
GXs4rJubQsU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=26683112261451962451255180073320464952&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 30C1 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 30C1
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=6cf49440-70c5-4c60-7d76-081d4166477b&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021061112-60361-0.594190001623409076-4edbaf98b1a0de395a5e09b058948b41&zdid=533&env=mWeb
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021061112-60361-0.594190001623409076-4edbaf98b1a0de395a5e09b058948b41&zdid=533&env=mWeb
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525a4e1ec27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cc690000c27ccc1db000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021061112-60361-0.594190001623409076-4edbaf98b1a0de395a5e09b058948b41&zdid=533&env=mWeb
Date
Fri, 11 Jun 2021 10:57:56 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 30C1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6972488902342277265&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6972488902342277265&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525a0dc7c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cc490000c27cf8377000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6972488902342277265&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Date
Fri, 11 Jun 2021 10:57:59 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 30C1 		95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=6cf49440-70c5-4c60-7d76-081d4166477b
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
mw
mwzeom.zeotap.com/ Frame 30C1
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6cf49440-70c5-4c60-7d76-081d4166477b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6cf49440-70c5-4c60-7d76-081d4166477b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=BGS2H9Ud/cjgOcTj5hUjZe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-40...
95 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=BGS2H9Ud/cjgOcTj5hUjZe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da526eef25c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51d94f0000c27cd70e8000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:02 GMT
via
1.1 google
last-modified
Fri, 11 Jun 2021 10:58:02 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=BGS2H9Ud/cjgOcTj5hUjZe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 30C1 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=6cf49440-70c5-4c60-7d76-081d4166477b&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.106 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:06 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 30C1
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=6cf49440-70c5-4c60-7d76-081d4166477b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=6cf49440-70c5-4c60-7d76-081d4166477b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=f66fc8df0c296c63017bcdd5d11c4974&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=f66fc8df0c296c63017bcdd5d11c4974&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52612b1fc27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51d0bd0000c27cdf9ed000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:00 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=f66fc8df0c296c63017bcdd5d11c4974&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
cache-control
no-cache
x-server
10.45.4.92
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 30C1
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-kwMcDcZE2ooUbMyQa5YWgCNCiReo5YurFg--~A&zpartnerid=570&env=mWeb
95 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-kwMcDcZE2ooUbMyQa5YWgCNCiReo5YurFg--~A&zpartnerid=570&env=mWeb
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525adf35c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51ccca0000c27c9a8af000000001

Redirect headers

date
Fri, 11 Jun 2021 10:57:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-kwMcDcZE2ooUbMyQa5YWgCNCiReo5YurFg--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 30C1
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=5tMGWk1s0awO%2Bk0rWtv4SXrC1X3eUqXx%2BS41iYitP1U%3D
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=5tMGWk1s0awO%2Bk0rWtv4SXrC1X3eUqXx%2BS41iYitP1U%3D
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525c29abc27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cda10000c27cc40be000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:59 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=5tMGWk1s0awO%2Bk0rWtv4SXrC1X3eUqXx%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 30C1 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=6cf49440-70c5-4c60-7d76-081d4166477b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:02 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 30C1 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.147.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1623409079
x-served-by
beacon-n024-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 30C1 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=6cf49440-70c5-4c60-7d76-081d4166477b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 30C1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMNBuAABs9i6QwA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f34...
95 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMNBuAABs9i6QwA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361&_test=YMNBuAABs9i6QwA4
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da5261ec7dc27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51d1350000c27caf31d000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623409081.623665,VS0,VE0
x-served-by
cache-hhn4069-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMNBuAABs9i6QwA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361&_test=YMNBuAABs9i6QwA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 30C1
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=f06960c3-41b7-4900-84f1-2a9c84d390e3&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=f06960c3-41b7-4900-84f1-2a9c84d390e3&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525cdaf0c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51ce0e0000c27cf6158000000001

Redirect headers

Date
Fri, 11 Jun 2021 10:57:59 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=f06960c3-41b7-4900-84f1-2a9c84d390e3&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 11 Jun 2021 10:59:50 GMT
usermatch.gif
beacon.krxd.net/ Frame 30C1
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OLLfrGwn&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=062e7137-d823-4611-68dc-7e4c637a8161
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=062e7137-d823-4611-68dc-7e4c637a8161
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.147.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:06 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1623409086
x-served-by
beacon-n005-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 11 Jun 2021 10:58:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://spl.zeotap.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=062e7137-d823-4611-68dc-7e4c637a8161
access-control-allow-credentials
true
cf-ray
65da52894c42c27c-FRA
access-control-allow-headers
*
cf-request-id
0a9c51e9c80000c27cf4053000000001
dcm
aax-eu.amazon-adsystem.com/s/ Frame 30C1
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6cf49440-70c5-4c60-7d76-081d4166477b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d7...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6cf49440-70c5-4c60-7d76-081d4166477b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d7...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6cf49440-70c5-4c60-7d76-081d4166477b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361&dcc=t
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:00 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:00 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6cf49440-70c5-4c60-7d76-081d4166477b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 30C1
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=6cf49440-70c5-4c60-7d76-081d4166477b&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525ff8d3c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cff70000c27c9a8f2000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Fri, 11 Jun 2021 10:58:00 GMT
Connection
keep-alive
Content-Length
0
BK-Server
9afa
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 30C1 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf49440-70c5-4c60-7d76-081d4166477b%26reqId%3De7fe879a-9f67-4049-75b6-f349e0fe4f22%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.215.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:00 GMT
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 30C1 		557 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fd4728676804bac78e7b92d149c43ef4789ce8dacbab9a44626aa7b0c1ac36a

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
65da52593c5dc27c-FRA
date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
0a9c51cbc40000c27cf037c000000001
getuid
ib.adnxs.com/ Frame F57E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame F57E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7b...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEP--lo7Igk1LwQfbYtVnRNo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab3693...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEP--lo7Igk1LwQfbYtVnRNo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da5259fdb3c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cc400000c27cc1284000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEP--lo7Igk1LwQfbYtVnRNo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame F57E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=c0a7c9d4-2887-4df3-abf7-109610cb2cec&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=c0a7c9d4-2887-4df3-abf7-109610cb2cec&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52598cf5c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cbfa0000c27ca11f8000000001

Redirect headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=c0a7c9d4-2887-4df3-abf7-109610cb2cec&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
alt-svc
clear
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame F57E 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:59 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame F57E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Da...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Da...
  • https://mwzeom.zeotap.com/mw?cid=e0e65c91-f285-4edd-b20a-05a825954a3b&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=e0e65c91-f285-4edd-b20a-05a825954a3b&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525a3e09c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cc630000c27c97b99000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=e0e65c91-f285-4edd-b20a-05a825954a3b&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame F57E 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1623409079.259596,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11577-HHN
u
dmp.v.fwmrm.net/ad/ Frame F57E 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:2::49 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:57:59 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame F57E 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Dab36938c-adcb-46b6-7bf9-7ca0a39ceb2b%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame F57E
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=f0a7b541-4427-4467-b74d-eb4bb1f4ead2&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=f0a7b541-4427-4467-b74d-eb4bb1f4ead2&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525a2df9c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cc5d0000c27ce1b3c000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:59 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=f0a7b541-4427-4467-b74d-eb4bb1f4ead2&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame F57E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=8aad5ec6-0351-4905-6784-b2cece3d271e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=8aad5ec6-0351-4905-6784-b2cece3d271e&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=26683112261451962451255180073320464952&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=26683112261451962451255180073320464952&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525a9eb5c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cc9b0000c27cc39ec000000001

Redirect headers

DCS
dcs-prod-irl1-2-v008-0142f745a.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
i9BOh4FBTRU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=26683112261451962451255180073320464952&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame F57E 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame F57E
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=8aad5ec6-0351-4905-6784-b2cece3d271e&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021061112-60843-0.599349001623409076-242d46f0db3f01d9ed4d297b140f916d&zdid=533&env=mWeb
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021061112-60843-0.599349001623409076-242d46f0db3f01d9ed4d297b140f916d&zdid=533&env=mWeb
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525a4e32c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cc6e0000c27cfb0e1000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021061112-60843-0.599349001623409076-242d46f0db3f01d9ed4d297b140f916d&zdid=533&env=mWeb
Date
Fri, 11 Jun 2021 10:57:56 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame F57E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6972488902342998155&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6972488902342998155&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525a0dc5c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cc480000c27cb4883000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6972488902342998155&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Date
Fri, 11 Jun 2021 10:57:59 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame F57E 		95 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=8aad5ec6-0351-4905-6784-b2cece3d271e
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
mw
mwzeom.zeotap.com/ Frame F57E
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=8aad5ec6-0351-4905-6784-b2cece3d271e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=8aad5ec6-0351-4905-6784-b2cece3d271e&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=BGS2H9Ud/cjgOcTj5hUjZe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46...
95 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=BGS2H9Ud/cjgOcTj5hUjZe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da526eef29c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51d9500000c27ca1318000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:02 GMT
via
1.1 google
last-modified
Fri, 11 Jun 2021 10:58:02 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=BGS2H9Ud/cjgOcTj5hUjZe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame F57E 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=8aad5ec6-0351-4905-6784-b2cece3d271e&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.106 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:06 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame F57E
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=8aad5ec6-0351-4905-6784-b2cece3d271e?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=8aad5ec6-0351-4905-6784-b2cece3d271e?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=f66fc8df0c296c63017bcdd5d11c4974&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-ad...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=f66fc8df0c296c63017bcdd5d11c4974&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52616b88c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51d0e20000c27cfb13c000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:00 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=f66fc8df0c296c63017bcdd5d11c4974&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
cache-control
no-cache
x-server
10.45.27.244
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame F57E
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-KqBAar9E2oqaA7uHymRoH9xv1Dz1j8jeoQ--~A&zpartnerid=570&env=mWeb
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-KqBAar9E2oqaA7uHymRoH9xv1Dz1j8jeoQ--~A&zpartnerid=570&env=mWeb
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525adf33c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51ccc90000c27cacbf8000000001

Redirect headers

date
Fri, 11 Jun 2021 10:57:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-KqBAar9E2oqaA7uHymRoH9xv1Dz1j8jeoQ--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame F57E
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Dd%2FjD8%2ByH9wO%2Bk0rWtv4Sf8PirGD5Hb%2F%2BS41iYitP1U%3D
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Dd%2FjD8%2ByH9wO%2Bk0rWtv4Sf8PirGD5Hb%2F%2BS41iYitP1U%3D
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525c29b4c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cd9c0000c27cc129e000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:57:59 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Dd%2FjD8%2ByH9wO%2Bk0rWtv4Sf8PirGD5Hb%2F%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame F57E 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=8aad5ec6-0351-4905-6784-b2cece3d271e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:02 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame F57E 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.147.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1623409079
x-served-by
beacon-n006-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame F57E 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=8aad5ec6-0351-4905-6784-b2cece3d271e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame F57E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMNBuAABeUwAkgBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMNBuAABeUwAkgBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361&_test=YMNBuAABeUwAkgBg
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da5261ec79c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51d1350000c27c03983000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623409081.623393,VS0,VE0
x-served-by
cache-hhn4069-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMNBuAABeUwAkgBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361&_test=YMNBuAABeUwAkgBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame F57E
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=c31060c3-41b7-4d00-84cd-c4a1594cf8c8&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=c31060c3-41b7-4d00-84cd-c4a1594cf8c8&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525cfb2bc27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51ce1a0000c27cf839a000000001

Redirect headers

Date
Fri, 11 Jun 2021 10:57:59 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=c31060c3-41b7-4d00-84cd-c4a1594cf8c8&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 11 Jun 2021 10:59:50 GMT
usermatch.gif
beacon.krxd.net/ Frame F57E
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OLLfrGwn&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2c173c83-5fe4-42a2-6ee3-f91bc1c26124
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2c173c83-5fe4-42a2-6ee3-f91bc1c26124
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.147.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:06 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1623409086
x-served-by
beacon-n004-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 11 Jun 2021 10:58:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://spl.zeotap.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2c173c83-5fe4-42a2-6ee3-f91bc1c26124
access-control-allow-credentials
true
cf-ray
65da52894c43c27c-FRA
access-control-allow-headers
*
cf-request-id
0a9c51e9c90000c27c089c5000000001
dcm
aax-eu.amazon-adsystem.com/s/ Frame F57E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=8aad5ec6-0351-4905-6784-b2cece3d271e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-678...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=8aad5ec6-0351-4905-6784-b2cece3d271e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-678...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=8aad5ec6-0351-4905-6784-b2cece3d271e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361&dcc=t
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:00 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:00 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=8aad5ec6-0351-4905-6784-b2cece3d271e&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame F57E
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=8aad5ec6-0351-4905-6784-b2cece3d271e&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da525eff60c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51cf600000c27ce1b71000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Fri, 11 Jun 2021 10:58:00 GMT
Connection
keep-alive
Content-Length
0
BK-Server
1b7c
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame F57E 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D8aad5ec6-0351-4905-6784-b2cece3d271e%26reqId%3Dab36938c-adcb-46b6-7bf9-7ca0a39ceb2b%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.215.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:00 GMT
content-length
0
cmp.min.js
spl.zeotap.com/ Frame F57E 		557 B
428 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6bc818494c207b0e9348d0c59764d09f2952298d727766f3d0a4641e903a8ee

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
65da52594c6ec27c-FRA
date
Fri, 11 Jun 2021 10:57:59 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
0a9c51cbcd0000c27caf2b4000000001
cmp
spl.zeotap.com/ Frame 30C1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf49440-70c5-4c60-7d76-081d4166477b&reqId=e7fe879a-9f67-4049-75b6-f349e0fe4f22&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=8aad5ec6-0351-4905-6784-b2cece3d271e; zsc=Z%C6%CD%E5%CB%883%A7%F6%7C%05%A0w%1B%CE%D3%04%C7%D0r%C8%22G%C9%0AJ%0B%8A%16%BE%10%00%C0F~7%97+V%93R%24%2C9%9ED%F4%AD%3D%23%E2%DE%8A%F9%E5%3D%83b%D1%7F%7Fo%82%AE%08Q%D8y%D1%BA%1E%7B%0C0%A4%CB%5B%B7%106%DA%B9%1F%0C%21%E5%CE%22r%B8D%84%E3%BA%A9%22xw%C2%5D%E3%A5%24k%B5%2F%ACZ%B6%E3%93%BC%AA%81F%8D%E6%B0%DC%5D%96%A8%B2%D9G%FD%25%F1%9Br%3A%7D%14%19%88zM%12%AE%9F%DBd%DDE%F5%B5%BF%F8%3DV%D3c%01%29_%BE%C9%B8%E9e%EE%B1%11%82%B5VT%5E
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0a9c51cbec0000c27cfb0d9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65da52597ccac27c-FRA
cmp
spl.zeotap.com/ Frame F57E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=8aad5ec6-0351-4905-6784-b2cece3d271e&reqId=ab36938c-adcb-46b6-7bf9-7ca0a39ceb2b&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=8aad5ec6-0351-4905-6784-b2cece3d271e; zsc=Z%C6%CD%E5%CB%883%A7%F6%7C%05%A0w%1B%CE%D3%04%C7%D0r%C8%22G%C9%0AJ%0B%8A%16%BE%10%00%C0F~7%97+V%93R%24%2C9%9ED%F4%AD%3D%23%E2%DE%8A%F9%E5%3D%83b%D1%7F%7Fo%82%AE%08Q%D8y%D1%BA%1E%7B%0C0%A4%CB%5B%B7%106%DA%B9%1F%0C%21%E5%CE%22r%B8D%84%E3%BA%A9%22xw%C2%5D%E3%A5%24k%B5%2F%ACZ%B6%E3%93%BC%AA%81F%8D%E6%B0%DC%5D%96%A8%B2%D9G%FD%25%F1%9Br%3A%7D%14%19%88zM%12%AE%9F%DBd%DDE%F5%B5%BF%F8%3DV%D3c%01%29_%BE%C9%B8%E9e%EE%B1%11%82%B5VT%5E
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0a9c51cbf20000c27c03921000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65da52598ce1c27c-FRA
setuid
sync.quantumdex.io/ Frame 853F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=199231267590944042
43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=199231267590944042
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=svzYJb5kypoefSNqIm0nXIqTEGiKrTRgZP0H%2FWG%2BaoUAAqpDWyf3F0Ds0P78M%2B9wfok5avv%2BElZYaw6L3BOV45HVC9%2BmSzJwxjQ2ykqyD8t%2FQqfkFd4%2FkmjKeWbqBAgEtPmEV2ToozW%2FaQY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da525a2fbc4a6e-FRA
content-length
43
cf-request-id
0a9c51cc5b00004a6e229a9000000001

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:57:59 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.103:80
AN-X-Request-Uuid
56070d0d-8fb3-4983-8f3a-825b893ee5b9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=199231267590944042
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 853F
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0jJzNDFrYFujbn%2FYu6PMp5eGTemHMOs9NvsrOiqKmtxpPaYfKAPoyOqJUZkjCVPsgLq99oCf7GX3%2B%2FH1xzRcELKsd1iGog2xawUmztf1bG6051RugIAdDnmHPF%2BXPtZULTq3SmOPhE%2B57ZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da525b8ab04a6e-FRA
content-length
43
cf-request-id
0a9c51cd3a00004a6ecf296000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
Date
Fri, 11 Jun 2021 10:57:59 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame 853F
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-945ae32a-664b-4cc0-afa0-3630664c1e40
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-945ae32a-664b-4cc0-afa0-3630664c1e40
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oa1dtfTtBxEmnTdqXi%2BRVhsm1tMyG9Huu3ZweQgfuhgr1NUjuDNe389t8PdninYUMOeDZJXf9ruKADJLRuuuExNLiM1yM9f8BUerXFq0%2FYwG6CQWMKXc5RIFJqVz2E1Naz26risIcJtvo90%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da525d3f3a4a6e-FRA
content-length
43
cf-request-id
0a9c51ce4300004a6ed9334000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-945ae32a-664b-4cc0-afa0-3630664c1e40
date
Fri, 11 Jun 2021 10:57:59 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame 853F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5115196821678101337
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5115196821678101337
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tWFuCXiuXVfLbDMIRMz5qI%2Fsrq1Wr8DQzQB41EQviQGTZ96zHyuC7fSvHtd9b3d3Kr6BFC%2BSpEtsFR%2FP0IEH9X%2BegOkhvL4obIsjFRFJKMF0yAA6AYtuU4mgLu4wvzGrkDO1rX8TWnaFMSo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da525a48044a6e-FRA
content-length
43
cf-request-id
0a9c51cc6c00004a6e9aa71000000001

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:57:59 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.141:80
AN-X-Request-Uuid
d6c614ed-6b05-49c9-8aa8-82b84f7ea8c0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5115196821678101337
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 853F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1344508669877963302
43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1344508669877963302
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1BE2bbHjUAftpe3uARGtOgT%2F0ukbrVGf0Pnplh4Q%2BenQC52iOfG7SAyqfRe%2BPo9QgA85hhWqhPOhkCYZYvjSM5HVGT%2FPSSyCUQ3UXvNcSmN4etBTbwHRML%2BmSDc4C252%2BcaZzLe1tQvXlzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da525a2fc34a6e-FRA
content-length
43
cf-request-id
0a9c51cc5d00004a6eebb59000000001

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:57:59 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.132:80
AN-X-Request-Uuid
8e4bff47-0e4f-43e1-a3b2-7917a98bb839
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1344508669877963302
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 853F 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:57:59 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 853F
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=e6e63064-bed4-4d1b-a363-ca787facc32d
43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=e6e63064-bed4-4d1b-a363-ca787facc32d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=InyT2Yl5KMdvNQrBnEhLwgF%2Fjgk5CX77hQGgmI%2FTWGyneQPojqDi8d6xRKwUmeuDSpqQQgusg4jUDGXirFdPXktyacp%2FcrUyf5PGjbwhIvnzdPmAqS6w%2FmyZXFDTmbIqDVk8hbgHhwfALHU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da525ac9184a6e-FRA
content-length
43
cf-request-id
0a9c51ccbf00004a6ee908b000000001

Redirect headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2k30Jz%2BUH4b%2Fp8P2h0IctFAOoKiCCjPdPNO0NIOUgec%2B4aH08Wgzb0yZ3QbXciS1MoUfZWchmvMc3ptwAZJ9fTvdVFdLlORZlmUFGIkcw656xHxEPa0IHmQYS65TEuVtPNEYQ4ggEIYR"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=e6e63064-bed4-4d1b-a363-ca787facc32d
cf-ray
65da5259ff2e4a6e-FRA
content-length
0
cf-request-id
0a9c51cc4100004a6efb38f000000001
setuid
sync.quantumdex.io/ Frame 853F
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=921a2564ea3e6b106eb80d1b
43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=921a2564ea3e6b106eb80d1b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Pux7WiAkPAactzUQvZvReNm0wOVJuiZi7pSu6TG9ISUtyCf2zj%2BahfmANDurlUikNLF3owkBbHIxYJZiLh1PoiSzWLKosBQwO%2B7Dp5NM%2BogaxUw%2Fhaa4DG3TBwnZEZXCGwd6QSJo9%2BiNmnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da525a0f3f4a6e-FRA
content-length
43
cf-request-id
0a9c51cc4300004a6e610cc000000001

Redirect headers

Date
Fri, 11 Jun 2021 10:57:59 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=921a2564ea3e6b106eb80d1b
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame 853F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-eY5.uLRE2uGoiCvVmFz02iVxjAlvFONc_RTFAyg-~A
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-eY5.uLRE2uGoiCvVmFz02iVxjAlvFONc_RTFAyg-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6zlKvQ0GWtAyIIdtFhQROXliodYfQ53zun5yBGSD9t7va7y03J0%2ByjAwhUMNv2fC6AFaJgBR1AKSUCByu7Qw0p2p5JIgmDUyocdh3Kr3n0NS7bkkfWJ6NRJlK9PNHIS11Iu4fWT2GP%2FnqO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da526d587b4a6e-FRA
content-length
43
cf-request-id
0a9c51d85400004a6e61205000000001

Redirect headers

Date
Fri, 11 Jun 2021 10:58:02 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-eY5.uLRE2uGoiCvVmFz02iVxjAlvFONc_RTFAyg-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 853F
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f9b90fea-9493-51a2-b83e-1574d8fd54ce
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=f9b90fea-9493-51a2-b83e-1574d8fd54ce
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=v10FBKAXbWUN%2BP4%2B%2BxoE6dhbI49s1n%2BpnbViQjFsIk5kbgC3WYok2BJD%2B6vnZHDo55Ej6ADBcUZfPcSFz4YD1sujxrowy9k6FerWYmvDNxEZVJU1CHI9X5yjtIFcuLGr9jI1SY8Ti0YK7D8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da526e5aef4a6e-FRA
content-length
43
cf-request-id
0a9c51d8f900004a6ecc9a7000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=f9b90fea-9493-51a2-b83e-1574d8fd54ce
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 853F
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPe34853b9-caa3-11eb-b120-02c6b318607c
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPe34853b9-caa3-11eb-b120-02c6b318607c
43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPe34853b9-caa3-11eb-b120-02c6b318607c
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XgIsIWEuLFnBcjYU4AKM3B2AzFHeCANRbyhii6zLWuMosTqHflhsugL7ATqmdaWJzc2QTspO5awP%2BUGExWXOvSptXx5YRwGgBhq%2Bh49A98XugSj4GljTGNJXkO5JQshpQxOSHz7nKK6GU64%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da526d38474a6e-FRA
content-length
43
cf-request-id
0a9c51d84600004a6eb01f6000000001

Redirect headers

Date
Fri, 11 Jun 2021 10:58:02 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPe34853b9-caa3-11eb-b120-02c6b318607c
Connection
keep-alive
Content-Length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame C3AB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82e28856be24f020163525712b9f055c322909341edff94ba9b483e9cee8792b

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YMNBuNfOSI6K4ot0PBE-8QAA; CMPS=5214
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|241|39|230|156|57|8|105
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1636
Expires
Fri, 11 Jun 2021 10:58:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:00 GMT
Connection
keep-alive
Set-Cookie
CMID=YMNBuNfOSI6K4ot0PBE-8QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 10:58:00 GMT CMPS=5214;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 10:58:00 GMT CMPRO=1108;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 10:58:00 GMT CMRUM3=2760c341b80b40&e660c341b82760&2d60c341b805a0&9c60c341b805a00&f160c341b805a0&6960c341b805a0&0860c341b805a00&3960c341b805a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 10:58:00 GMT CMST=YMNBuGDDQbgA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 12 Jun 2021 10:58:00 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 11 Jun 2021 10:58:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:00 GMT
Connection
keep-alive
Set-Cookie
CMID=YMNBuNfOSI6K4ot0PBE-8QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 10:58:00 GMT CMPS=5214;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 10:58:00 GMT
/
ssc-cms.33across.com/ps/ Frame B231 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.174 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP002 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP002
date
Fri, 11 Jun 2021 10:58:09 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 4FF1 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
HAPLB5A=s569|YMNBt
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 11 Jun 2021 10:57:59 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YMNBu; path=/; domain=.go.sonobi.com
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 686D 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=71842
expires
Sat, 12 Jun 2021 06:55:28 GMT
date
Fri, 11 Jun 2021 10:58:06 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 19D4 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
setuid
sync.quantumdex.io/ Frame DA49
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=555895650047099374
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=555895650047099374
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=D8cM4Z1rg5szJ2smF%2FsNZBgLMePkkGpa3twrwQ0MH5cdedY6nZozz9xUp4fuh8bWFiOH3c1Q8zWnr48G50OvDoVGZesqVlUmqDpHfct9Np5cSHEI4kVfId7HJvHfHze25EELarmQtc%2FY09U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da525a480a4a6e-FRA
content-length
43
cf-request-id
0a9c51cc6c00004a6eb0adc000000001

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:57:59 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.24:80
AN-X-Request-Uuid
8ee544b4-7650-4c31-9327-301ca38b04c4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=555895650047099374
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame DA49
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=cf67773c-da01-4518-b4e5-c08c73214ceb
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=cf67773c-da01-4518-b4e5-c08c73214ceb
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7xU5%2BHBvv69Xg4bgVqyPjYpa2HsBG%2FasjexjNJzP3ODYJPbD7beT4jqo7aRu%2F2RnPD1WNtN1tpJOgQhL0kBtxGcF%2BEwweTI70cNCgkaP1oPkLvRmXPlFg9kyXAF1vwKeKPEbv1F%2BioTzt2E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da525b7a744a6e-FRA
content-length
43
cf-request-id
0a9c51cd2900004a6ee190f000000001

Redirect headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F74Hztw9Zj%2BCbX70TRiBaq0lOGDDxy5P6mkWeD3DcmKbFLEodWwN0OxSOL1w%2F2v8jrwp5qnb%2BkotQwXOv%2F3hn2zrr4l%2FZjsrZrLoeXFfKRnszrUKdwJugC0CDD7Y5%2BtSiXI%2Fljbk3iE8"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=cf67773c-da01-4518-b4e5-c08c73214ceb
cf-ray
65da5259ff384a6e-FRA
content-length
0
cf-request-id
0a9c51cc4100004a6eb0ad7000000001
setuid
sync.quantumdex.io/ Frame DA49
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=921a2564ea3e6b106eb80d1b
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=921a2564ea3e6b106eb80d1b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ofdmDjNpA7l2VEv6CLTG2ep%2F79gsY7%2B4eItTscuvz2U3oCEmuzzCC0l9SAFWLFtoWCMHWHvZEK2Ply171mebS4DRCt3Mf8K7PgsDkDC%2FnZBFQ1AmufoJD7Vmx9GMoaDyHbFaicVxhLb3BIM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da525a1f7e4a6e-FRA
content-length
43
cf-request-id
0a9c51cc5100004a6ef6a19000000001

Redirect headers

Date
Fri, 11 Jun 2021 10:57:59 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=921a2564ea3e6b106eb80d1b
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame DA49
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Gv5Px75E2uFcRTERugbS1ggG0b641ASI1kiMdqs-~A
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Gv5Px75E2uFcRTERugbS1ggG0b641ASI1kiMdqs-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wpV7XkryjcJFFyjIsUv1Uj%2B64dJxxrNSd%2FyqVmRGdE7mlcPGYXg%2BDpoCjxi0c7uMkZpk%2F3hHzW%2FfL%2F2zfeH52TW7jYOTKNiq8OC%2BZBOoJTbBBFw8OYsN59oteVRIURLrNyzMHuEdZ0xLQCE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da526d48734a6e-FRA
content-length
43
cf-request-id
0a9c51d85200004a6ec10ca000000001

Redirect headers

Date
Fri, 11 Jun 2021 10:58:02 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Gv5Px75E2uFcRTERugbS1ggG0b641ASI1kiMdqs-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame DA49
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f9b90fea-9493-51a2-b83e-1574d8fd54ce
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=f9b90fea-9493-51a2-b83e-1574d8fd54ce
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QL8ySJ28aQYDQGgeHxNqeE%2BTUUIZ7RpiErSGYeVQJZbxEmVJ0vVvOH7EYBOX02rj3yA4Fiz%2BAAy9ZElazCBxYwSnkWyuONzh20m86jo8nTboni1RaTigfhnDpBFV48TVQYb6FIpQRSBaSEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da526e5aec4a6e-FRA
content-length
43
cf-request-id
0a9c51d8fe00004a6eb223f000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=f9b90fea-9493-51a2-b83e-1574d8fd54ce
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame DA49
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPe3482cbc-caa3-11eb-91b9-06d326095278
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPe3482cbc-caa3-11eb-91b9-06d326095278
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPe3482cbc-caa3-11eb-91b9-06d326095278
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6MAEsNSAQ2ZL%2FBptusKlinJu0YOW5z9aLtY59Tfac4HGp8Qan2Je2adq5iZ6mLQ6HsTf5tH1Dr7H%2BHrlomFXMUtXUlTU6fVai6e%2BEsIBa5L3r%2BynS7ph3o%2FwSMiWfTdTOmi2UBAC%2F3BEI0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da526d384d4a6e-FRA
content-length
43
cf-request-id
0a9c51d84600004a6e98124000000001

Redirect headers

Date
Fri, 11 Jun 2021 10:58:02 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPe3482cbc-caa3-11eb-91b9-06d326095278
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame DA49
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HPaEuqrC2V6oyYohTwRxbbM0rCV1jYOcWXIFAo3MjJ0uL40JYpHMfimdRczEOn9frN0vxVNWjO6tSW2isDpH5bBsWGnbMQ74PwF0p52zEVzQ4FBEtUicHj73Ns9l%2FnJMlcvaCvbF8jDbbgg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da525c2c654a6e-FRA
content-length
43
cf-request-id
0a9c51cd9900004a6ecf2a6000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
Date
Fri, 11 Jun 2021 10:57:59 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame DA49
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-4cd336af-9533-4117-a5d4-900cd2a3e460
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-4cd336af-9533-4117-a5d4-900cd2a3e460
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:00 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7PEz0%2FaOQ62cUZ0u%2BW7kShM0Xj0mNG4%2BEPclzKfBE3lcv8wroH3YaxPlJeaBxmIMXOSUbKY6IIhawqkSSJoXBATSsqaheZ%2FBHYk%2Fq4qUb3AdCjPvZIs2xunU9ZEAveZrJS5NwDwhuWnaAVM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da525d3f3c4a6e-FRA
content-length
43
cf-request-id
0a9c51ce4300004a6ed8a65000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-4cd336af-9533-4117-a5d4-900cd2a3e460
date
Fri, 11 Jun 2021 10:57:59 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame DA49
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7998093916123561199
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7998093916123561199
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1muSb%2BB%2B7QEL706DpPd5IrFmYUzpV2QcSyguXa43Xs8iS9LymtgHTtY8bckaLYDBb2pNUQ3TDo1coUWdvGgpskYdFgvuavjka0YWjrOSwREo%2FhVE9pZAw%2BMP6sDPTnFb7BwLhyvIgcx%2BA9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da525a3fe14a6e-FRA
content-length
43
cf-request-id
0a9c51cc6500004a6ebb272000000001

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:57:59 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.41:80
AN-X-Request-Uuid
85c8a7a8-db17-4431-b945-51b66fd37a25
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7998093916123561199
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame DA49
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=3837297055171137116
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=3837297055171137116
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:57:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ers%2B3hXsecOuJob5ucxshT9C7B387lwSSNW5tYDBN4KdxSxWtOs1lVVi51aRNgnyBXLHqX0J9PNQUKqDV4tMh7byTjWg2gZx%2FaaLpskHtgoDddYW5i7AD68ebYSwvyo7Wr8rARA3SyMou5U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da525a3fe74a6e-FRA
content-length
43
cf-request-id
0a9c51cc6600004a6ea3319000000001

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:57:59 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.235:80
AN-X-Request-Uuid
e77c9b90-1983-45e2-9760-d13fc44bea98
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=3837297055171137116
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame DA49 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:57:59 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame A1B7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d0255522bfc537b4e9ffa744b11a7aae4f90e122dd17fa2ca8537889082ff249

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5214; CMID=YMNBuNfOSI6K4ot0PBE-8gAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|45|152|90|221|64
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1746
Expires
Fri, 11 Jun 2021 10:58:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:00 GMT
Connection
keep-alive
Set-Cookie
CMID=YMNBuNfOSI6K4ot0PBE-8gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 10:58:00 GMT CMPS=5214;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 10:58:00 GMT CMPRO=1153;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 10:58:00 GMT CMRUM3=f160c341b805a0&e660c341b82760&2d60c341b805a0&9860c341b805a00&2760c341b80b40&dd60c341b82760&4060c341b805a0&5a60c341b805a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 10:58:00 GMT CMST=YMNBuGDDQbgA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 12 Jun 2021 10:58:00 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 11 Jun 2021 10:58:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:00 GMT
Connection
keep-alive
Set-Cookie
CMID=YMNBuNfOSI6K4ot0PBE-8gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 10:58:00 GMT CMPS=5214;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 10:58:00 GMT
/
onetag-sys.com/usync/ Frame 163F 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame B23C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.174 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP005
date
Fri, 11 Jun 2021 10:58:09 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 87EE 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
HAPLB5A=s569|YMNBt
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 11 Jun 2021 10:57:59 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YMNBu; path=/; domain=.go.sonobi.com
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4E3A 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=71842
expires
Sat, 12 Jun 2021 06:55:28 GMT
date
Fri, 11 Jun 2021 10:58:06 GMT
vary
Accept-Encoding
req1234.php
a.rssing.com/ 		44 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.32191605512067856&i=21784001&r=2123&h=1924703220&u=%2F%2Fcommunity.shavlik.com%2Fservlet%2FJiveServlet%2FdownloadImage%2F102-23376-20-2208%2F620-461%2FValidate.PNG&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:58:00 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yEaLLmT8HVBpHu5KFbU8U8oOaGDtnPE4JTYLOFyuQwxdjx3HW6zRu2bQ%2BtMpWpkihNRwsM29tONeVGYFO9TAXXOKIKN166XcLJv9wmYcvbJsvF8W0uZaOMsMquhd%2FWwL32aOa%2B%2FU"}],"group":"cf-nel","max_age":604800}
cf-ray
65da525cbcc54dfa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51cdf100004dfa4419d000000001
redirect.aspx
community.shavlik.com/
Redirect Chain
  • https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2208/620-461/Validate.PNG
  • https://community.shavlik.com/redirect.aspx?url=https://forums.ivanti.com
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com/redirect.aspx?url=https://forums.ivanti.com
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
Date
Fri, 11 Jun 2021 10:57:18 GMT
X-Frame-Options
DENY
Content-Type
text/html; charset=utf-8
Location
/redirect.aspx?url=https://forums.ivanti.com
Cache-Control
private
Content-Security-Policy
default-src 'none'; script-src 'self'; img-src 'self'; style-src 'self'
Content-Length
173
X-XSS-Protection
1; mode=block
dcm
s.amazon-adsystem.com/ Frame A1B7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMNBuNfOSI6K4ot0PBE_8gAABIEAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMNBuNfOSI6K4ot0PBE_8gAABIEAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMNBuNfOSI6K4ot0PBE_8gAABIEAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:01 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:01 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMNBuNfOSI6K4ot0PBE_8gAABIEAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A1B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMNBuNfOSI6K4ot0PBE_8gAABIEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEwmz1XcIjHbQuiANrPh3J0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEwmz1XcIjHbQuiANrPh3J0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEwmz1XcIjHbQuiANrPh3J0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A1B7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMNBuNfOSI6K4ot0PBE-8gAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame A1B7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMNBuNfOSI6K4ot0PBE-8gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPBmweauThsgLhQI392LwI0&google_cver=1&gdpr=1
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPBmweauThsgLhQI392LwI0&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPBmweauThsgLhQI392LwI0&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A1B7
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=30a9113c-3a99-4ba6-82ae-3889ac99db40
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=30a9113c-3a99-4ba6-82ae-3889ac99db40
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:01 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:01 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=30a9113c-3a99-4ba6-82ae-3889ac99db40
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A1B7
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=436B45482C804B89A0EBA0DF250715BC&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=436B45482C804B89A0EBA0DF250715BC&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:01 GMT

Redirect headers

date
Fri, 11 Jun 2021 10:58:01 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=436B45482C804B89A0EBA0DF250715BC&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 10 Jun 2021 10:58:01 GMT
tpid=YMNBuNfOSI6K4ot0PBE-8gAA%261153
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame A1B7
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMNBuNfOSI6K4ot0PBE-8gAA%261153?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMNBuNfOSI6K4ot0PBE-8gAA%261153?gdpr_consent=&us_privacy=&gdpr=1
49 B
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMNBuNfOSI6K4ot0PBE-8gAA%261153?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:00 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.21
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:00 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMNBuNfOSI6K4ot0PBE-8gAA%261153?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.31.84
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame A1B7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1626001081
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1626001081
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:00 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1626001081
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
sync.quantumdex.io/ Frame A1B7 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YMNBuNfOSI6K4ot0PBE_8gAABIEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:00 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XQRlmF9%2BvK2jmGSqSyDRS8dMHFZaiUz8gagVhRH%2FUwmt8nYWVzvtLpmv8XDpG9ipD7WKKUsdU2AcVZqSLLBIOWOiaYEEFktuAbJ3zN7kCndVJsoJfuLozaIoXHHEEO6mLtMToDcwcpysyn4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da5260bff44a6e-FRA
content-length
43
cf-request-id
0a9c51d07200004a6ed8a96000000001
crum
dsum-sec.casalemedia.com/ Frame C3AB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMNBuNfOSI6K4ot0PBE-8QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPBmweauThsgLhQI392LwI0&google_cver=1&gdpr=1
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPBmweauThsgLhQI392LwI0&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPBmweauThsgLhQI392LwI0&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C3AB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMNBuNfOSI6K4ot0PBE_8QAABFQAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMNBuNfOSI6K4ot0PBE_8QAABFQAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMNBuNfOSI6K4ot0PBE_8QAABFQAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:01 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:01 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMNBuNfOSI6K4ot0PBE_8QAABFQAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C3AB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMNBuNfOSI6K4ot0PBE-8QAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame C3AB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMNBuNfOSI6K4ot0PBE_8QAABFQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEwmz1XcIjHbQuiANrPh3J0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEwmz1XcIjHbQuiANrPh3J0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEwmz1XcIjHbQuiANrPh3J0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiesync
bttrack.com/pixel/ Frame C3AB 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Fri, 11 Jun 2021 10:57:37 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
crum
dsum-sec.casalemedia.com/ Frame C3AB
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471595839025109
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471595839025109&C=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471595839025109&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:03 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471595839025109&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
283
Expires
Fri, 11 Jun 2021 10:58:03 GMT
crum
dsum-sec.casalemedia.com/ Frame C3AB
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=79e98638-b70f-4a02-b0f3-8875d332e6bd&expiration=1654945081
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=79e98638-b70f-4a02-b0f3-8875d332e6bd&expiration=1654945081
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:01 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=79e98638-b70f-4a02-b0f3-8875d332e6bd&expiration=1654945081
date
Fri, 11 Jun 2021 10:58:01 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame C3AB
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:01 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Fri, 11 Jun 2021 10:58:01 GMT
server
nginx/1.18.0
content-length
76
setuid
sync.quantumdex.io/ Frame C3AB 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YMNBuNfOSI6K4ot0PBE_8QAABFQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:00 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gUxqYD2YSDjDxwhXXun7IGrI5Io40byxcJYhzp8EaitBmUYfFjNhaxQv0Wi%2BoF%2By7wcAinEqlZYMXZhdPyPmMxLHGJzTJxH9TIByC5xr1MMahrMH96nDdF4OU9cxB9n3Fs0gi0IoZSPSFSY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da5260b8024a6e-FRA
content-length
43
cf-request-id
0a9c51d07300004a6ed9366000000001
req1234.php
a.rssing.com/ 		44 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.3917679163146732&i=21784001&r=2123&h=1445780965&u=%2F%2Fcommunity.shavlik.com%2Fservlet%2FJiveServlet%2FdownloadImage%2F102-23376-20-2209%2FImport%2Bnow.PNG&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:58:01 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PV%2Fk3jnhmJalESL6iPyaaCw0T55js%2F%2Fbxv3tQCrHUNyuSZHmZiwRudOl8z4jgP4UQWjXnC3cLJrQG8gEtsuTvGhGxZiak766K7bXaefnLFog768Owp57JfXyySGWZHVD7IOA0lGi"}],"group":"cf-nel","max_age":604800}
cf-ray
65da5262fddf4dfa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51d1e000004dfa2983d000000001
Import+now.PNG
community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2209/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2209/Import+now.PNG
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
req1234.php
a.rssing.com/ 		44 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.837752923524157&i=21784001&r=2123&h=1649882495&u=%2F%2Fcommunity.shavlik.com%2Fservlet%2FJiveServlet%2FdownloadImage%2F102-23376-20-2210%2FValidate%2Bxml.PNG&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:58:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=V%2BaPPtJwo0Hd3PRWlKVyyOZbPytEgJAaBhZUCP1Yu00TAqkUFBkl82frFdKjnSaqY8yEuS9JsIJkVYCHYgQgFyrpZW4IJJGOYRpd6oBddHusDVSne7xJCCvCU9rm2nYeuJiroRxu"}],"group":"cf-nel","max_age":604800}
cf-ray
65da526d18714dfa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51d83200004dfa4f07e000000001
Validate+xml.PNG
community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2210/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2210/Validate+xml.PNG
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
hb
cpm.adsolut.in/ 		30 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.adsolut.in/hb?zone=127488&v=1.5
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
28a3c914561c1b87909bbf7b41169392b501ca4a655585ce718b43beeaa18b0f

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:02 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://shavlik40.rssing.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
30
/
adx.adform.net/adx/ 		15 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTk3Nzk1MCZ0cmFuc2FjdGlvbklkPTc5NDhhMjJkLTNlMDMtNGUyMC05NTg4LWM2NzJlYmM3ZDZjOCZyY3VyPUFFRA%3D%3D&bWlkPTk3Nzk0NyZ0cmFuc2FjdGlvbklkPTk4ZTFhMGI5LWNhY2EtNDZhOS1iZjJjLWRkOWMwYWUyNzhiYSZyY3VyPUFFRA%3D%3D&bWlkPTk3Nzk0OSZ0cmFuc2FjdGlvbklkPTk5ZDFlMTFlLWY2MGEtNDExZS05OWJhLTU4YTA3MzhjM2JjNSZyY3VyPUFFRA%3D%3D&pt=gross&stid=f3297db3-c788-4953-adb7-0b5a90a0156f&gdpr=1&gdpr_consent=&fd=1
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
631bc9fa39ddcdd4008398e649671ba79db3cc7c1725d7b8cd9823ec243f0a48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:03 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://shavlik40.rssing.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
15
expires
-1
hb
ice.360yield.com/ 		95 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2243914760e21d8b9%22%2C%22version%22%3A%227.2.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22129d4dc7ee7279a%22%2C%22currency%22%3A%22AED%22%2C%22pid%22%3A22445349%2C%22tid%22%3A%227948a22d-3e03-4e20-9588-c672ebc7d6c8%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.14.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-14-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2761fd499d4d127b3677a81f2bc1770b0ea4eb57ef014c8be0006860b93bc426

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shavlik40.rssing.com
date
Fri, 11 Jun 2021 10:58:03 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
95
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb
ice.360yield.com/ 		95 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2244322a6538bfca7%22%2C%22version%22%3A%227.2.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22136d3f37c78536d%22%2C%22currency%22%3A%22AED%22%2C%22pid%22%3A22445347%2C%22tid%22%3A%2298e1a0b9-caca-46a9-bf2c-dd9c0ae278ba%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.14.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-14-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7d78a3acd036800a8945bad14055147cf59a7401666d6974868fa29168ac5b30

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shavlik40.rssing.com
date
Fri, 11 Jun 2021 10:58:03 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
95
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb
ice.360yield.com/ 		99 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2245aa4660125668e%22%2C%22version%22%3A%227.2.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221429b50bb38f077%22%2C%22currency%22%3A%22AED%22%2C%22pid%22%3A22445348%2C%22tid%22%3A%2299d1e11e-f60a-411e-99ba-58a0738c3bc5%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.14.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-14-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
609cd16a2f8975d8a1d4aeb49ac9124fb0b3e901276284e6a3e74c8bcb4ec166

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shavlik40.rssing.com
date
Fri, 11 Jun 2021 10:58:03 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
99
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
ib.adnxs.com/ut/v3/ 		0
0
/
ghb.adtelligent.com/v2/auction/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shavlik40.rssing.com
Date
Fri, 11 Jun 2021 10:58:02 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
2
Content-Type
application/json; charset=UTF-8
/
hb.emxdgt.com/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1623409082820&src=pbjs
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.10.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shavlik40.rssing.com
date
Fri, 11 Jun 2021 10:58:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
v1
prg.smartadserver.com/prebid/ 		276 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
82e0850d0c5eae20de3a67ffc7f08e25fda13edce9b264ddcb67d03918401d1f

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:03 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b15%3b106
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://shavlik40.rssing.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ 		276 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
82e0850d0c5eae20de3a67ffc7f08e25fda13edce9b264ddcb67d03918401d1f

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:03 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b16%3b52
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://shavlik40.rssing.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ 		276 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
82e0850d0c5eae20de3a67ffc7f08e25fda13edce9b264ddcb67d03918401d1f

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:03 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b4%3b95
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://shavlik40.rssing.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
auction
rtb.adxpremium.services/openrtb2/ 		437 B
934 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:621d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3455274c447abb3b999d91f30d8148810768d56d3313034d9dfca74bd3834755

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Jun 2021 10:58:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51d9de00004eeb18b15000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DgsSfPaYbUwrFjuhsVQbtbqhmLfer2fUDFVtHlGRe9vt9Ki2enMOu%2FQCdxNiml5bEUd7Oem65pMRh0WfnC9LSDhAoAPjGjX4FELTrKYfO9Dxo3C1B2su9QVoFxeYTiB1b%2BUsBAdQsJVK%2BlTgjydQcao%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://shavlik40.rssing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
65da526fcd514eeb-FRA
expires
0
bid
ap.lijit.com/rtb/ 		24 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.31.0
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
d6dd3478836e21a721fa292557dbae05259b3d55d050e430d51b41b73a9c8693

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 11 Jun 2021 10:58:02 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://shavlik40.rssing.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
req1234.php
a.rssing.com/ 		44 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.0805011429570679&i=21784001&r=2123&h=1024699047&u=%2F%2Fcommunity.shavlik.com%2Fservlet%2FJiveServlet%2FdownloadImage%2F102-23376-20-2211%2F620-495%2FImport%2Bdefinitions.PNG&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:58:05 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=li7qeQd887uOFPw%2FDV0VZglrh4%2BcgPcaJtBy3gxoLNeOrt4esDBxG9FBXIoqT05FlBs%2B15RE%2FtWkDcPgPKXzMKuL19a3dfwfUScdHBbQmq%2F7Epo48QkRob4VZ1yA2dX%2FvSpXp%2F37"}],"group":"cf-nel","max_age":604800}
cf-ray
65da52773dc14dfa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51de8300004dfa6b2b9000000001
Import+definitions.PNG
community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2211/620-495/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2211/620-495/Import+definitions.PNG
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
req1234.php
a.rssing.com/ 		44 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.rssing.com/req1234.php?req=ir&rr=0.42343277166802396&i=21784001&r=2123&h=388598613&u=%2F%2Fcommunity.shavlik.com%2Fservlet%2FJiveServlet%2FdownloadImage%2F102-23376-20-2212%2F620-439%2FScan%2BComplete.PNG&ww=undefined&hh=undefined
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/all.js?id=81
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jun 2021 10:58:05 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G45%2B1eT4pslZirV3q65qD8uHS3jwb2YWdiRDdG%2F6WRn4AzNNuefEwt9bhe%2B2khyD5K%2Bas0S27AT2B3s6wOBKdL0c99ZgtFPlG1jCSbBdjTvwC7gBPQXtXtGYNsilJIiciq9Ull4Z"}],"group":"cf-nel","max_age":604800}
cf-ray
65da527aeedb4dfa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51e0cf00004dfa6b2fc000000001
Scan+Complete.PNG
community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2212/620-439/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.shavlik.com/servlet/JiveServlet/downloadImage/102-23376-20-2212/620-439/Scan+Complete.PNG
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
67.199.253.93 Draper, United States, ASN395344 (IVANTI-BD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=shavlik40.rssing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 10:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=shavlik40.rssing.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 10:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		98 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=654544741757586&correlator=3936336266892581&output=ldjh&impl=fifs&eid=31061413&vrg=2021060901&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210611&iu_parts=22067971220%2Cpb_au_728x90%2Cpb_au_650x90%2Cpb_au_650x90_1%2Cpb_au_300x250%2Cpb_au_300x600&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%2C650x90%2C650x90%2C300x250%2C300x600&eri=1&cust_params=hb_domain%3Drssing.com&cookie_enabled=1&bc=31&abxe=1&lmt=1623409086&dt=1623409086333&dlt=1623409074502&idt=299&frm=20&biw=1600&bih=1200&oid=3&adxs=288%2C288%2C288%2C1006%2C1005&adys=36%2C516%2C3006%2C225%2C1038&adks=322520512%2C4176452841%2C2505653115%2C2082884811%2C3516729104&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fshavlik40.rssing.com%2Fchan-21784001%2Findex-latest.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=940x90%7C700x90%7C700x90%7C303x250%7C305x600&msz=728x-1%7C700x90%7C700x90%7C300x-1%7C300x-1&ga_vid=1736917990.1623409075&ga_sid=1623409086&ga_hid=1678255632&ga_fc=false&ga_cid=1055324569.1623409086&fws=4%2C4%2C4%2C4%2C4&ohw=940%2C700%2C700%2C305%2C305&btvi=0%7C0%7C1%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
1dbcf017e3268d42cd4fdb734d7f9c82ddf65d593a038407e62cf8c02de1561d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40594
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://shavlik40.rssing.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
showad.js
ads.pubmatic.com/AdServer/js/ Frame C9DA 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=70826
expires
Sat, 12 Jun 2021 06:38:32 GMT
date
Fri, 11 Jun 2021 10:58:06 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame CE32 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=70826
expires
Sat, 12 Jun 2021 06:38:32 GMT
date
Fri, 11 Jun 2021 10:58:06 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame C9DA 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36776627&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:05 GMT
content-length
0
container.html
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1DB8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shavlik40.rssing.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shavlik40.rssing.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 11 Jun 2021 10:58:06 GMT
expires
Sat, 11 Jun 2022 10:58:06 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A3DF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shavlik40.rssing.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shavlik40.rssing.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 11 Jun 2021 10:58:06 GMT
expires
Sat, 11 Jun 2022 10:58:06 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34e9a619897b9223115c6588f352612268c90c3d83990829768973759b0d1a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263566164500"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28162
x-xss-protection
0
expires
Fri, 11 Jun 2021 10:58:07 GMT
container.html
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2571 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shavlik40.rssing.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shavlik40.rssing.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 11 Jun 2021 10:58:06 GMT
expires
Sat, 11 Jun 2022 10:58:06 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 600E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shavlik40.rssing.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shavlik40.rssing.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 11 Jun 2021 10:58:06 GMT
expires
Sat, 11 Jun 2022 10:58:06 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 56D3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shavlik40.rssing.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shavlik40.rssing.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 11 Jun 2021 10:58:06 GMT
expires
Sat, 11 Jun 2022 10:58:06 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame FAE1 		624 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CID39wIQ2PSumQIY68bjqAEwAQ&v=APEucNWm6yoMIve7bXTPt3cMkJOY1B9hZLrD8PpdJwVpo1e_RbySNB3GC2LDazO_pR4nTWO4Fs-Kd_UcnMxa746EftLcR3u-AGM_Ke3vh-QZYnf7bwucOr01-DLtWfx4M792HCQoYmvmqsxrb-nLHTFWIM5DPevluav8EPXOcuiID4v8xPOFGPk
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CID39wIQ2PSumQIY68bjqAEwAQ&v=APEucNWm6yoMIve7bXTPt3cMkJOY1B9hZLrD8PpdJwVpo1e_RbySNB3GC2LDazO_pR4nTWO4Fs-Kd_UcnMxa746EftLcR3u-AGM_Ke3vh-QZYnf7bwucOr01-DLtWfx4M792HCQoYmvmqsxrb-nLHTFWIM5DPevluav8EPXOcuiID4v8xPOFGPk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 11 Jun 2021 10:58:07 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUlEv-_f1Z1BjBM3sBkQJkuK_jyAtlSzoRHQr8xpim6wojaMcdHYVpDPK_i5; expires=Wed, 06-Jul-2022 10:58:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 11 Jun 2021 10:58:07 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame A3DF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:53:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7010
x-xss-protection
0
server
cafe
etag
16168581138844513892
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:53:55 GMT
5853061707151182047
s0.2mdn.net/simgad/ Frame A3DF 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5853061707151182047
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
902a0ba9283adc844be3330fd1f854042cc6e341efd77b109c061c58435cd2fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 17:24:21 GMT
x-content-type-options
nosniff
age
236026
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59179
x-xss-protection
0
last-modified
Mon, 10 May 2021 22:13:23 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 17:24:21 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame A3DF 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:52:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2661
x-xss-protection
0
server
cafe
etag
7752240862628680351
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:52:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A3DF 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJyL3s1ChiMPnjwj60kQWLMWxTXq7Qypl_loTaV8Ip8kU1nqmVghvj4FhDz4FwdZeFEauRXXAQzdZ92gZw-n5Hp9_Z4nODlKXkZM1yukidk2ync1BlM8eb6c6dgQ1osqn5S7A4Eo-9Y4s8X1F-Z4C3fNqtjuA9YWplvvbBoFfPr3VYq_tUpZ8Vx4zR7zUla4_z_QFVlfEz-VFnJc5M6zcOsPjtsRzQPtxwabTNz-uS5LyVRM9vYT5ou56dMEzvKUP6EVaWNljxbBfjcepQNidOBLHpChg-L0D3iuWZz2DQ1pYHbj4II8Epo30saUCa4Iz-ulUYvdy-30_9jmZigkO9iYjWQi8CI35z-ZDvlHrxkpmJkNExUIu3P0hyZa1CeogFpWIlzFIfkccZEe5c08hKvrfNQsXn2w0Offd0LAfmAxWy4uha5VtohzFVHLPUv2GBIWI8ZzHMYotSoIB90bb7SGfbEsZ0Bhdm641gM_c9p5QRfM1u7-D_eipv4AvANfpvUMh3YGADkcF-49M2D6gTnmjl2XMMDzQdflXSeRpAbtArTeWkPlKdpR_I88Y8ePzeE5nhuP-oNhU3Vqw5GgHn2qMs-Cz4jKlJQxXqCQy7fCerhdpNj3O2heeKoM0D1ylAMeuzEUWrddd6aP4vYzzErkQRL0h8X_oBPvbNEwJG8Ce44BzlsmjnPB84o7APbJFj75Q2oN3YN8LZrQIMHBkm0KXQAR0zPMPYipYxnyotzNP55_E-uYMXlDb51gIkyvc6aZ3CPPw5StHVkTJbgseYYWMNHNJX3JRXGMEGtKIl_S56ebw6UihMCWI4oaBmrez78AKuWGVvrmcukX386UQWnE1D_IShaa9Q0OLEIhTqnsI5QSc9atQWMg6HzLyYnXpzoxL2GUibGDNgdZvyNvBEcodL2kFtolXjb0JWZFyYwG8eDmO67LMNsbhWmY4-6r_q0lmZYac5ecqKJHhefaB6zi1CYctFQsPPXDBOii27xZONkLfU4nKNGpTzXqIhz2pSObgU2ci1AbLzR4edC0l9o7Ym8nw4BbMoWu2mTADdaACXIQph92FoGYS7_S3-_crsxqmF2vtFHAABNfbmjmmMIppzzyCeFVxAeanV4aRLw27gQBEv3_-ZoH0BI56OOJCK-1RAdBwSzdMHzEppt4VrIQ&sai=AMfl-YRZC957X4q5g5UTjzGRNYuXHEhx5CAPI3oIBh3x9XVMCfOft2Y_FaiMZ0mJid6Peix6sCg0rpq3mgz7LAB4UPDn_ekOplXqaXtriz-W8zjhi59KkLx4gokvhy3xHsHJXtfC6MqDxNwd2khkRi9wGkl660dLlhA3sKTA4FFwq-cMbEz1sWKM8FFympya2OSUAhyW4veVmvTUqeruAYVENbLAum18wIgoSwApT4K1XaBDeYvTW0SvGhzfwNyVKwh-Fk4LKVBeogSAS1gxdPGPlQ8MhYzorNapHkF7MWK-mBhV0Wqk20pNH2T2QgeVAnh5_tofWt0LcdsNE8ihposk03S_2If36PoTnjxXN394rxZnh_f6ZqiaDQjktDpdQ1Ulew&sig=Cg0ArKJSzNLDwiDXKdm6EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.97077&adurl=
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 11 Jun 2021 10:58:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A3DF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 08:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8378
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jun 2022 08:38:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A3DF 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BWvQfWtddkoOqye376XoiGof5kOGxS6HeDQAakuI6fnMpngxzC7CObQGLbAs9eAZJV3r8QaDNaTe0RMTInb9a49SUsx293tB8oSMbMX3yC-HfXIY8
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame A3DF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:55:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A3DF 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263560240521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37945
x-xss-protection
0
expires
Fri, 11 Jun 2021 10:58:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame A3DF 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:56:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:56:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 48C5 		624 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK0CELqMgMoCGNaulqUBMAE&v=APEucNWYLkZU6fDr8guvfupKDW4SpX4f9wP4gFSQJoWxOYhXSvaf4T_Vs2K1KAMjpVGnKGzkOucwC5nkGEqDSMLKC1GErlTEQcmL60hE-JCKhiNBhEYlhDNmbyh1pWpswuxnm0QBNrGweRnfW2TYd_cEaPCggXReZ4qOM-jQPXnnv3VAJjn_KQY
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CK0CELqMgMoCGNaulqUBMAE&v=APEucNWYLkZU6fDr8guvfupKDW4SpX4f9wP4gFSQJoWxOYhXSvaf4T_Vs2K1KAMjpVGnKGzkOucwC5nkGEqDSMLKC1GErlTEQcmL60hE-JCKhiNBhEYlhDNmbyh1pWpswuxnm0QBNrGweRnfW2TYd_cEaPCggXReZ4qOM-jQPXnnv3VAJjn_KQY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 11 Jun 2021 10:58:07 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmWEVZY-LgrDNOuHS7y0HZtN8g96f0HIjGmLWQuW6Bj7DOMa76BDFgQKokK; expires=Wed, 06-Jul-2022 10:58:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 11 Jun 2021 10:58:07 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1DB8 		24 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CURZD_2QpAWP5MH5xoE4Lin6XCymQgFehM7hY2fJq5IlxtgTwJThVAmg3dKeV-ASwHPPv_wg_CvClEvJakxJQiEnYwp2hUzjEeJS-_TGcMNqYcDCMvw62YdfFK2TCrMNEkgrshpfYUntoiCGqaTSn9WWFuXg&dbm_d=AKAmf-DtTj_vy8WJnX8YHdLt7Y4QZffji27FiooIV8WpQYbSHEBP02-VCCM_qsw5YJ_tdJQ3cG-x8wZKH9YlDYs4duIOl--tH3hnOozYfdJGdyQHA6Rq4laqQas15ByhWJj5p0jjnktFWmLEGuh86KsIkn-GPS564kp6Grv4KMcSVJfyL8qxQOP5_tehzFhBE5Zzt2nYrQ_WcOA6ioVgOEa-EHctgzCD3PeYWZpZxQsAZgluxdN93cHkD1-sUHDWLf6exOVn3T7Satxv7N5x5CMtC1L-kyrAIOE6_0SL-LA_XxehVRZS5rXDikunSfVpxI3-JIrF5Xl1LCIevevmVyzXMd94T9AQ2MIfjX-4yvQQt9Jd8xZSlH5vPU7x_NN2tEEIW64cAe7tKkdjeS-76bbr7Qd8Y1pdbre_Sc4J_BVk3MWoDdvTvmMpnB44QW0LTPPMBJeKD0dnwkeVcqz9yG2LsoGK0-dMlDlvkuQwha2dTu_drI2n04TgRpKRkR4jIj47Vh1W4TMmu1XtlCUqj7gK6PjcSi7qXEd9dVyAPIikpw6GCYl7M_EIBdl_CI8tbMVMoih8qpTitL6cNt0pJ7CR92VfZWkV5x2cscvih0ITIa7AnL3wIthYwGnwDAgM042GOZnb905A6FEz_mrSxc4J5f-f7hr5k_Cn6sT0BTwSLakSd772aEHiDugxvAxFChlvP2tjPs7FCEwb2a-tqYH1kX4Ud8bOkcY4s9-p00VOI1eT_M4PIwaXOW4R7J0_ZHJMb1YWyr49iLHNK6J1IdcAaFIQHIszsX8P18Ul0s4qGTfd2cdNLh9dK9y6IsHYCCho7ZigQ5nPCkKdDUrbk1iZiH8kiXr0IcikACa2NAyXVkB105ZKe0Pv2SFMZSU6HiKJtuspkBEjjjVI4sOHcIvMFqUR-MJPLkpBZb7pt1O7eDu4cB9Ir1A8T-UgxMAdC1qJocRBv-xJd9Hfxj4AaBFnjtFT0Prnc8WtEtBGpK6goPLcsyWTm86BFJuIHZLrELzA-BRNiIbcjzbvos3ObT1roC1y9u9AUIINsJ8CBqMH6QkGIJ4MJuPrukdnjCX-X7YBwfe_g_REwl8iKi_2F-Jq1vV7M1NvYmEA2iXWT0n-l_EgDQCHsrtYeTrIeHyhW0ZdATZSTyxiHi1j5r1It0wkr5XUaebI7yBZAXAP8Zu1_OBI5a-DefJYebvTuG6ZZal0F2Vgdd2q__jN5eix8qQCZkddzXG6FREK7adBkR8n6jyQloIRqLKFanPLnhN3-bBup3PlR7xKWfDqOZaV2B9O-c1I3Bj6xRKo35iMgi7lw_SzphJLk0t9JmCJIvQGJh_y40-wm3pIK4JgjGSLp_u7d7bYbbyuVLJcRid8ncDs0nkWDzffEdoSBeAkrJ81_T048fWnfeXbJxXacAxoogG8MpyRod0mWSZlxZOh3kyxy4PFhm973VTX_UTUH0Y3Ti3AXzLjPeSWlc765qdF94g2uaiRuMWf8RD1bynTnBamHeQWpF8kxPxI0B20LtvDM-52RF7EMEJb99kd4eidt1d31UaS07xXUhAYKK98AYLuHEMmEDRcQifUN_XPePC0o2eo8oEYvlGX62WJKAI7zDycYWFPVrR4-cxMWC2wtpiXLl59bVld0tndWz29aCW-TKsCH0fMfpTOb6Ac6w6mM1CC9eOyG2NRz3dDCGGXkO5k1AMz3n06SN_t7mJnu2Di7rAJGXh-tjY57AcaNtcFiT-R8g53LvuTt6XbouWGrxd6lizJSYVQEzoVHtu7qOgXi9Ie4ZUHIYPA-SaxDP92v8J7PcmAlMAJI9rxdFRXBi-ZZsGyyBjdXcQX9GL_wiG-sn3axxaQCgXGLMpbJbnENX3fdT7i2HRwCm_eBGPQJauqAupLMQoMOJ4YbBEn4wZskuuMReEmW2FVb9kzdJXw_L3rcCZxwoDj4jFAay-X467f8dQqNoZw2IJUVwjObyHE31J9ELv5aR2LtoZyMKf-A8cJXDssdXS67TNvNT6BABzmQvz66-rdMgkPzYPCE9ZZRdGOF9320jyfhuflt5JDD92ZRhIaf5b8WlvOmc1qzGopu2v0XOnK4iwgpuAP8JtZG6ma0TSJEXgdn6Euuv6NJx2okhhfUu1dWuRkBYvLK9M05ssISmd-loii6waQZG_zdxjm_Ybm1lV91UYoDSMtR4Ci_-RP8BW0Kpg8gFlXTEEe1A_30jF7DY-u7ccRB-flXsjiBAZ7LJZNei_EkvDUCr9NicK6n74kJxqaNGhgtyPmtV3aBjDC-EZGiOY8YQaNc-t7COHW084UDjVrQCGYqDUIBr-ojxIu7X2veE7jKPPzFhKzsQA38R5ZLiKwsWz_zK3PTQNWeWmdgyesvzzJ4DouSX72BWuKsvwo47y4hZyj8j7Qdj8OLRh-i7XOsW0nU5O_l6sKJ4Qsuk2DY9ws8MqeT5s-6WmvUelX-jnqsOP46XO4ZeGH_psy-8mkswd-py-0OHvI3QNY1Bjz_gK-ed73d4jy2nszkRPpEbhb7gAr-sAY7Xm_ERW5QBmECRhhb8F9PMYs3CyGpmrTTsz_zFLpLg2to--TRqy51juib_YGxOaToItRUJaFxHsefqELLBydrCzej15Y59IeN10lSsh4h3dDZmU9ZKA7ZeXWBhNQFDUf6UMyRDnxwzLXGtIdMCH8d0otWiS3fZZbw3jKdTdWC40LjvR7C6HEt3OWAuK_dHA_4G-yhg_4oN66QwBkmWoIqlSMTgLBIXYHX0uZTauvRR5-Tg7_dt5sUF1owtQhbtoYV3ComTu0TwoL79zKvhyJa92GwQo-6o9b0-Mbq-ky_PrKd2RYR0qISyMGVDZViDvgC3T1agquZ6yfALoFZL5JMbqNuK5RVxtpIj5ADOqxSp45Ux4k3G-wCLm9n-hMw5hjIcoP9JRnK6pKp445MEaoahYXPH9yY2VeMWF_lvlaWHSsni_ioQx_pNbZMKxFWrMGlpTYbzyaToSruGFNHt8wkM7HPpBZmxbePK9fKa6mM1dwJvQ5_GPQYjfShVRcbIvpkJgKSNyjZW3cAJU5vxcE4z6CNicQN0Y4qUsfTfCSJHAwm2pu_b4746hfRBXZe2Wj-59ibxMgPqFU2NaDh_T1o9U2CIsGEH_yEaytmSyt1UgSMS3JQ-PWL5HoCVNrpF6PpCLtehq5QXiA1wNdkmNavRM6XBXw3CFdp0RzHTArujJ26DeANM3Tx0B74Xq-96mVwsc6lv4QhzU401xdUDEeXh04NXJ_&cid=CAASFeRosjFbUcZVCrea2WwHdFKsSfS4vw&rfl=1%2Chttps%253A%252F%252Fshavlik40.rssing.com%252F%240
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfe8ce0a3df3abd5e7a506f14f85f19c99a897b4a050ea4b2eead89445f25821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DB8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B_yv5JErpw3VOwmMCuzQOP2npxdjOlZjIqLvRYn8YDz6UY03V01c3aBuFUkkMi8qzKBH20XonjBb1ydcjNQ7XIvn0wNdmxuZY-MdGZTdSdRdrodLc
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 1DB8 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3796
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 18:22:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 11 Jun 2021 11:38:26 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/695971/54149685/ Frame 1DB8 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/695971/54149685/skeleton.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.16.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1e77f1d3db87fb1e159dd75e343e697244deabe3edcd0e93283da44355de0087

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
gzip
x-server-name
app27.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 1DB8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:55:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1DB8 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263560240521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37945
x-xss-protection
0
expires
Fri, 11 Jun 2021 10:58:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 1DB8 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:56:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:56:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D5E3 		624 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkuCEGzAB&v=APEucNXMMYi5-csjZRpGpKASkZkECFS1yF0aklvjSCqN5SdmxxbjK8Kf58aqeluNiRm9jzNDNDyZAoix0pkW9lL8UAL1hm5g5RtK-IGBpWD0lY1E_BJ62nMSnOg1lYG5GBCTmEy1Dw5rYFdEMZtjiRVmGk9HlSQ34BRfuT0J1NCagMOjmDO3PjE
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COGKFRCp6RsYkuCEGzAB&v=APEucNXMMYi5-csjZRpGpKASkZkECFS1yF0aklvjSCqN5SdmxxbjK8Kf58aqeluNiRm9jzNDNDyZAoix0pkW9lL8UAL1hm5g5RtK-IGBpWD0lY1E_BJ62nMSnOg1lYG5GBCTmEy1Dw5rYFdEMZtjiRVmGk9HlSQ34BRfuT0J1NCagMOjmDO3PjE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 11 Jun 2021 10:58:07 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUlK4qfjWZ2DRYdpz-Ugan0cDSfFk_boefntfTaC0i3AmC1mikkNOWrvjJHl; expires=Wed, 06-Jul-2022 10:58:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 11 Jun 2021 10:58:07 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2571 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3JPmlrUtjSOLyIAi-THiKtjKgrm-4fJgng56W1NSr2sv6nSxonc2Bgb7qIaCje-t2bHwPpjHcDnYb67HQYrpuikL7rHmVzC1fVb9D4C0MplvVnEJXH4AWTBIHn7jhNXLxz1u_3vl7bYFhUB3ZeRarstWScg&dbm_d=AKAmf-DqlQIV0OZDErl32G1SYfYG1achYSXyyz97XSiHcRDrlqhlleNgplNCBBLE8Jd8pG4EoNlPKLT4_IXdB0jmLUKZ9wDU3yJD00Lx3d_DW5lIEIVAQSsGz220LiNmXqy5mEE9ddq6awi_dApnfYnBu4QTVxcihIXHxOQS7yNDWTn-yHOL_t3GAlS48nePZ8WTHSb8KWLmzMvebemiRrojQjikTo7hAJDmgTRO4DOop3yyrkkzulcrQ6sc5QNBwNfw9hpFA91UTbi21kL8pwbxrBuygJeae3b1d0IcbARfcEhM0L9j4WKLsV87wvha27SDy2CoHvC7v5cUFxJ5lGewQcE5bslioL_MOEsdHpgciiV2XDP2L4d7jHTumSAiAS3s5nWslMw3mQS-p1RtNKkkjhqEKU089AsTNEos21f44-wHvzj-CtQC356tWPqKc97CTMH-vwr9RczUW9O0AB9z-zuePgZcyfZNNJGnMm_3tQrIIGrlgUfM-LzYj0WZ3nSms5ZPPzPFam3dZbT9uK2VlIx3G3JBJ6bQSB8cwcIMTZ5GLgp8mll8P5kCt7zONBUXBMcYB00Znj_b90wl3_AseVMCICFavyA33Vu9VJCIHnhNzCwY4JR8eRrfI3P3yj3-8b6hrqmsqfbfbqbe6wfsSjHZDZ5xpa8CSXVzqVcoJyqGQeCvwk7WAPX16nk3UGpio0lmOAOsNYCeaQCBqqQPvRd7YMxHHPeHMYmXXnTwuUWzk2W4c_Fm3fQ8w-QwBFpGNlaAy_gkRrO9O1VJTxvrGJVXs3hZkHbk7W6Kjb5HFVRtebiAH4d68VzlJ_bDZ2vDPNPIjKJ-zGYv1QxQ-rKH9Zn18jh1NSgp1kwuEPRjw_2HEWFjKZLA1CyVOgcocdkyWfFIKa1zL6OuzHq4GNVUdPfHtP-gtB_xDJqcsC0SyxXxA6yEOmzb4QJSVM9kRScfMxtKchD2U6B55uijU61CMm4ThHc7evgX2fAir047G6S-5Uy70cYflUflhHyi2bi1UvMWLyiMc1lxyRLfKG1aILK4jgHxzHjIAMKX1iDWT_lQiDinhpfrpoWgKi53onuHoxMIrDAdbeRmgNQFx1ZdOrIL858pbdjvYfrl0x5bq2656fxpXde4NhBmu_8aD6cXaHyLns5A2XcQxIT1giFTv8dFqoo0zDOzrYARHkIoU8owgGL4YC9x-gf-48TmnuhXFd2LY-YWd7Dqhby2cloO4J1zoBlsFKbwYW2B1Uk5UNV1jdgexapCs7FYAxDOmaoL09RHvoYEsFAwYEKU3M-V3aF-sqODMcPd-rRXHnNKwVW-Dxg6Fq9RIod3GPbocZxPKumamb8vdJJ8tQErNXP47pNRZAOcuiY16H4xSkOJsWxW5QsGjSpcPuirjRYeUNiZmXWtSdiWNX6aZiZ4Hma50QGfn5EtpskjnK47qlL8_lupjrTs9hN9NqtIfaXJd6RW5mk-jj68dXfG59cgS8CC4j77Xyv0ie06Wc6PfHc_oVKZuLkbNMK-4aobsub5FhOExuA8r7oca92PiQm5mozrKUKU_NzBXrY9RqgT13-lM2NjmZl9cD8mrAsHllfF1rch6h5GzdhY_RBUiBgG3kefhjemNQ9VbaR7kGpWzjXNELe1XEgJT6-R7bpk3FBslLjvLUDOqP4AAVnp_ivPoE0SgmqbXI2O_DgDpEprb8o_YG0gLpYFkQKyo5mH0AaaCQa041d-7JUNCAxhFDcagSIDB3hODSLNgiABvZMFWT3uYFCs5sBHi59bMy_6lgoN0v8by_I2q5nYa5aT5K8bNaXo0OmP_iuIthAl673rxltS6oOLvcKudJNpkR344V9LoMm-quI5M4vxNxbGjUab_zqlpDrlbeKBiz-mAh8aW3iI25ZFP2Bmo_GWGXUa1hLWLfbAVHM2g6BfcNxada9UO1HmIIYuW7Kp-s1NBfc7L_13n7rjsz6XvKi7iB9KJkDjWT_OrB3UKwpCxoktnU7ORHDuFThAjf2CZzDq1gYyOPxWjqml3AUkhuKpxmWwA3pHT0DQo1aaHSiCbsueKgyxT5atS3VGDOGQKuX_x317dbETX9mrs_pTR7hZaCJRbo5_8ux9qsdxfK3LGxkdhS6KQ9h6_eEVuu8MUPDRftC997sKuHaUS76QWXDGMFgN9WnJn5nFgJ8Z9ehH0qEVLGmqz2ZxmsnTcao5I5JoT_zG26UD9alRK77QRnwzwGnz2UscKO06kNMPztlDZz16qMuSxakExt5jS7Q2Kj154v5pfVspLKSLwbGFjpsksI6qZwLMZy1TlGIaodD5y8R1s2iQcM5zWOhGXQ5p-lPFztA8VEyp_39nNnZtQJiqW-QEbUTUDJGPdzT0pvbXPJO17b0B19oOgCE84mjblhB3LEqdmsyKO9DB0dBVc2nGCZw5NHVPh0O6oIlJ7C8fdkxfaN6MonbrtfAXiM9qycBTzwlSciSTv36419bnRkvbxfLt3mC8A1b_aYnyRrKIVrSACmfiOstMyOSzKgw5XIdX__gVYpqY2sOI60dgvamcuyGkw0_7vTcF8Q7K_cbDYcNnV_Y1qMKCRoh83kGh48wJAxObcPIi8lzUrbf3w12AutWqd-_G5-VptgXtsq0EEFbyOxLFj6pC9BQe2JOhnw3ASxDWz5H0R3UY5vGXS0SwLmxbLu4ja2ilDE82KDds2YhVGgweumGmQMTMvPrk97lTdeIXnbCgUF4RiJXzdqIxwBttvE0mIV64MT6eY-T_falKZGAZgmF7KbSZ9av6m3cG0VPhHAFcLKfoPwn3tDnXgonDZzGAdFMW3nuLPGzM7r8r2_Urcdc8nf0-YmctJH_GS3TBGxWR6jLNQFY2Hm9-yQ0_ZcEq0A8k0sAn95Kk8GWYK-aWhS2GkMOxOO9KxfLyPBbc4cQQSEEjhw0NWzTssMaoPqFNxzdomowcOZ5B635MHguZng6laEfubK_jgI8Ou7IECJIo4VtjJQIb9S3eG-7VJgQb1xvHlIiIF_aQdrmxGRU7f3rst_nnxSIRtogfLcK55XsTvMxnq77OUMYbMID8s82XAJj03q20orAEwTIROUFDNl_a87RfC8JZkFeASf4IAWoqgsGrd5ql__f9ItxyCP6JSsHTrFzDcXxOkwPs8NlsOY21V3ht_jhSSiHS6FAffMlnKEBa0rjUIE1F63rbvE0GFONNT4SB_OkCk-Pnth0vOISDgKQ7o0QfTz-r-qMNTdPnBBQTqc78IXM&cid=CAASFeRoyDo-DFuRoBERLiVRaSDX_984Kg&rfl=1%2Chttps%253A%252F%252Fshavlik40.rssing.com%252F%240
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1244f567e046786fd97670369f736209d24011f86fde355a7b01f1232e5dd4a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24127
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2571 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cus9zeBckyBeOQlF66HYkXE8zHDtZANR1nKTfRXCFuR0F5CUCsr4WTyeqXNPw2brTRsrsQmp82Nu3yS7_kQiVYYa30rnYPLbXAvGSK1GyRP3jnQQQ
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 2571 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:55:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2571 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263560240521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37945
x-xss-protection
0
expires
Fri, 11 Jun 2021 10:58:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 2571 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:56:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:56:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 862F 		624 B
979 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK0CELqMgMoCGOvd_KQBMAE&v=APEucNVsfVpMQd3YWmo6REkz-WQKoN88q9Z9uWOf97GMY5N-OKFyXLiuVkJr0yFgWOUwDBZMl51GU5Ej5bMfbqFnirCYPfIkM4Gsvv9-MCXPShFfr6lcfWdghMMFurqAD_Jt0wqSraTkRAMy6weSpujrzTCxjgujT7tUwlvdyWZTZ2EYrp_qeNU
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CK0CELqMgMoCGOvd_KQBMAE&v=APEucNVsfVpMQd3YWmo6REkz-WQKoN88q9Z9uWOf97GMY5N-OKFyXLiuVkJr0yFgWOUwDBZMl51GU5Ej5bMfbqFnirCYPfIkM4Gsvv9-MCXPShFfr6lcfWdghMMFurqAD_Jt0wqSraTkRAMy6weSpujrzTCxjgujT7tUwlvdyWZTZ2EYrp_qeNU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 11 Jun 2021 10:58:07 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmrl6SqyOJSWF3VN_n6Lxghde203tAv_Q6Z38kL4D7I2qRvkk1QQNvBoLCo; expires=Wed, 06-Jul-2022 10:58:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 11 Jun 2021 10:58:07 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 600E 		24 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFhxpk4Tz4bBIh020vXCCfX3gckOJD9w4Ai453r_kex_tOHCz1INVZ1n4-8WbdpIE6_u7mh9n0risOKb0WTxsztWaM3LgqfFMtuQd0_HDQ4WSVNQynsFEhmFxqhz4D8aomKy8pwYCFPEF4ihAFRfW_P4M4Kg&dbm_d=AKAmf-D1nPUujdWt7Bg84Ldq8pHFnz2ihPL_STu3Rr_OSVft-EbI7VCqQWI64nvVjVYl6sjXYGphWUDJnYhb5_Hn-J1JVh8Ul-SZHoDxvwjrPDihecbKH34N2lpn79kMR4Rten7dJcHQQj6v-9xxLaAd5g2wZQ7-f4oD_ojBYjH5Y_uXRY3nJY8WODXG8Jq4SyVFyujsa-vpffjRzxrWbbFheBchuKIW4hE3GQCfug46s2ZPApWX7jAmkoa788DqNInDWRbr0oMKNFIaH08KK3m463lFDHJRJcuekb_2s_xOOiTtwirH0-Fe0GJJQ0cgqF-zXuEWJ0e_YwpAmJuJB9xWws_WwpROz6kvli_1hTogFriU8EzEy0_F1pYUxIIiTNUVAgLP-qENz8vfKe2DlyyxXtkegMnEYSbvTRNDZmURW50TzpELNwLq-tL6FOdsNZ8oVm1vj9dxfXr0IqGjKX0uEI4eHHa0dsaH7btsHpk53_WMjDP5ot6fxJX0mJuFpToLkRxE6BA2RRQxDZ3bfp_JUtfYmmHNOpFJpWMSc46KuSY7iuu3rLGABcPKuY-OJthe1obJBk_OSkfPjhI8ZTADd5h_VdP9BWTryP20zcAkHwfSNUG6-FUZhzsA1evnmbMrVUIIxKZkdMCTyKprHdufv5FClfTXVdR7ij45xihIZu5WOdD7qefI2ZxehIdyEKz2lt1kzKV4eaYVhGz5J3RFfIFal-DnG9uALBUyyXD6TbwaPS-bmyWtsKxhb3sAxjbAVG1vdkHEcBHzaDTfwSPeQ5q9G-xBJQPxq9HAS9FycrooegDrkl0ULm4W4Olnggg-f6Xi8HwCg2B3cKMjleC3JBQKpOWq0x2v4a-2zBX4ugDHuOC10nbSp_UlF3SwNnbMm-MNN-58YkL9qlgLgQJ1FDHe-qElZc7g0Jjl6bzi1aaGO2yaKh-_YFacL_2jnZHdiiNzlsLDqKLFpgnyjnGrZFvRSp2e8Aa3FlDkwAcoWKw-OfMjAXd5PCVp8iCjfJzUUncr_6ZY0JbaDPlmsMN4Tmqo6YZAKjIIFZNxv9J0h8SB3qoR1QT8IXnrfZkImL8DzHCbykVTzaruDcfMnVrcwBLNxGZCYPeU3VFGbqwxCEVUxSauim4QLiRH_L8pX72sIKn48dKyMEQd99KPyopqelZoAauNdYKkkYaXLc3UPt1J9KiFf-IHZQw3xdHVQ61kgeFbt4UoY1Gos6ciT9pzsmt6rNVusjbN3dPql0bD66JO8H3XcJ0d4OgONFRnxEFGlvfMoQsNJzv0KwQAqO83MSmMPDU8LZ6ZwZCC-m4fM9ZsQcUPPMsuJg-yT9YS4DarCuVyYt-IxMZHKhaUw0kLf_C_5ekcqCCUmaJO0ghLcRvn9e4W2LPIBmWwLKNdR_PrUn92h4G7Sn3pTo44Q-5CINEny4cEvVp0v0yU5BIpy-lbT2Xa1teJKCgVPXFZz6YbydkxkHueS5gss7zJwnPd9yPQ2dytxzyQKfWEPhW405c7lMD-gBMxRhVTBaw-3dNXFrVL_UnrprxW4g9EEHIEDGQmxN4B9_58r3GA1q0UdsDkg3uQjMWwhFk7tNS-x-MabA_MeAet6PfWaUKShZtgXOmkw1jh5Rc35RjZIsLUjr8Qq1H-inQMGsC-0Xb0hk0AGbUXeWaNOnsdBMeeNMUOOQvv5pcbbE2L96oMC4iagGJq9M3Z8u_BLCR0_NZQbCyr7yxFZIGot0vph8h1RTAFT96a7CcGm5KZ3q9lsI3WJF57lfoHfTxUOE_NQNu70AgULczoy7o0fWqQbfTGZqTlVBVoXrJhiy3LxBi4cvPPwqSMoOS2VYjojUd5GQHQcRjywqcTG5Tdk7ezz43AyI0kFbVT-H2n-mt4P7i7GNnPFAB7DHGNvN8OU1GAY4JMYDxjom-BYfobmds8Sm8ql-4WOellXkU43lFScNlTH1P7yfLJw6EqlYcwB4S7mRmYc0iOvBogE7lFSE3t2UjZR_wLGk5ZLwjdSFt4hmwdYwx0L_0xMsD92Gbq-uS6hqLjvu_3ji9Hg-XGCmJQb6mKdq-Z-FApW_lWYv5yGTwVxiZxmg7yyO8ed3kGWR-5nsONSPvLIAexccVF-dOoPSEgQf-VGgiVNvHKqk4E8emnyRIUqHRzADhLSY8kkq9U6vYIXq_qESSEamFm6_QM0Is95w8nPdtCfXZirzlNGSOYXUUW8csMqX7CjSiO6ptKewHLtJh09NfBqs2brdtLza3MGHvQvM2rY1cuU3TFe7aScvM-lziBqOTOghGk40fc6031Vb4LyuQ-7AFVVEJX5l-9O8knOcdQy9hjQovLtQIiWv7P50kGdkQlUpZQ6cJ3WTHQ0cswOWsAjyzlyZb_Lw6TKpt6lNO8ahMbUEwkrPGJzGuCeF29SQCMayaKwsUviLO9GkgHErvUlfk8xy8LzP0FjHrU9ItHEVGe3eigndrOHbsah31N_DhHIAFwZo7Xi8wdOlnaiE32LGi-_gFRbAkMAlgG8_Y05weeoOKImgpIuIUvHfeUeDPGR43EdZyppRNSBkVOC0zH8xIe7h40DRqrWeUh01uojozJkGg01vJwMtNJoImDCr00C78O0ILzNVNrONoZp5Pg59nDHRkO_b07XL3x97dAlV4nNz47r-1enkMgY8J5ZpbUWGq0Gp9boYK3WOEFV7YLHVMM_NIXsZ-aHfkUpYUgv_NDeYsF1aL64rSFlYwnTOai75VfuFge_oxKOb0X19Qg1iQ9EEPET4YlSOn6oYe_zVi3hdqMYq6EqDK0BlDWoqqz86BGcZCX7-CoP5kbNB6ydqKXcDEBlZS07HWiEWG8mg2HtknYszGpIhHAvWcQW83j21ZkGpVLczyzHIJQmlvbU5DI_erf3SYb1xcDiRtWEUQDztCwpMtoXXUqL2Yd-9YTECfKJq70bB_zfMdFvz1pFEBsFhxurBU2THJxaXdsLt6wTjYuInamWeLrIWc02qjzYGYGLPpIe1OadXWjdB7rGw-cl0T6vQBJSYhzt-7ApqvQHxuHe99reVWcvVnKX0PvEMSWbN7LY7guRGA85ZPGztasu6Chh18lLTGycWC0GNANy-y4L1g5BOvuhaEZw05pukNaPZMcnUabbF8QtagxTjHGe94m_6OWjWotvievAcKYKCwrxMY01TE1bSyVrCILsvaFHmcodNQSVXUCuRZRxeGtpFfcEeC0yEdf5NNZ7GQ8n32sA8P9XtufY-V1SRYsZUUCuRtuk-qIdyznQkC68h2KEHlZmthr5LyeuOvUwEtAzw&cid=CAASFeRoGezvadCWuX44JevPvr3ILoYmQg&rfl=1%2Chttps%253A%252F%252Fshavlik40.rssing.com%252F%240
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57be5f48b1026192d7b3d26fd9e58f65192f99e1d3d7bdd4a8aa6e309f9586cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12348
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 600E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CXYqdkI6BPzRS2kT-UIelNNoHruMvAsIh9i-URY_ZhAO17Qpk1cIkdX_B2kkDS4-S--dNkd2kVQiGndcF89_aLmmxmjsrpdDOexivpaPosCUE-Rbk
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 600E 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3796
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 18:22:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 11 Jun 2021 11:38:26 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/695971/54149679/ Frame 600E 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/695971/54149679/skeleton.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.16.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6acb9782052da33cacee6758f61864481e69ea55e7ff2fa7234f506c03793bc9

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
gzip
x-server-name
app10.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 600E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:55:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 600E 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263560240521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37945
x-xss-protection
0
expires
Fri, 11 Jun 2021 10:58:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 600E 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:56:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:56:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C1EF 		624 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhjp_eyVATAB&v=APEucNXfiu1wJfeGzra8baQJk9qfD1xUJ92qL3UR9yFl0QIW20HmMRnZJwBFbDTZtaB6u3hkYDXEOof4jxKU6YmW516IIq3DfKE6UZE9YQi1fDItpwX9aS12sQLO3CzinBKqVCKfmp9NXNSrTFVfiO-ywne_MkJFKBPtoHF10YBdIJBJrTo8IqM
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMXlgQEQ1K6oAhjp_eyVATAB&v=APEucNXfiu1wJfeGzra8baQJk9qfD1xUJ92qL3UR9yFl0QIW20HmMRnZJwBFbDTZtaB6u3hkYDXEOof4jxKU6YmW516IIq3DfKE6UZE9YQi1fDItpwX9aS12sQLO3CzinBKqVCKfmp9NXNSrTFVfiO-ywne_MkJFKBPtoHF10YBdIJBJrTo8IqM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 11 Jun 2021 10:58:07 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkir2XfkrTKqKBVB4Dj6909vKeU-hy_8VeI-VsAByz2O8tWkZMB0XJWwIld; expires=Wed, 06-Jul-2022 10:58:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 11 Jun 2021 10:58:07 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 56D3 		44 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZjqZjoXz0slkfYxHNTvQXu9hxQnPV3gV-4rZrSmMHOqymWfQ01OEbghoyRP4cQ_VtAMsFdLFbi2384O1RDfzEkNKuv25T3HY9asWGCbzawu76dZux8guglW7CbI1-bDoiDvtJhEKptShmj3fAGKGba2IfjQ&dbm_d=AKAmf-DGFr0ZksiVPPEPPBlEIw3MBP9iTFDL6QAPHIZ4TWN8HbqlBFCD5-LmuHuslZOm9bJagHH61jgngBo1_kk8O2Hy4F2yLsrdItvyjgRaQ-1TvfQ1XnU_DIeLYssz0ukEFKU-wdkNyzYYusB_yvH2OMQN4XPGGSwaIlAUy5YdQLIXFwocoPOOoYfNXZfdKfO9vJZdznxR_u0jdjGGfshRwymYg3notQ5kfZ_6J5RXiRGq7ZnnuRG9e4UocVNcimFVeQCVID70ViuAm-v7OmtUJmfRhQ3saMVCZzKfZKwVN26LmE8xIyL26u4YbLtqABqhF-XOrQZ7Fs2efOskTGBjYbx52rF3DKJh2akHOSkGax5iNvfCxCye90_fTMe9mVPS5KnhIAG2FuQijoHh0bzEoQQVvkhimyH1HUuQWga17yjPeZNXgZPIQUugkzQy-Vo85jOvXLu_qOTM2eAaLXqnBiYnIT7TGYY_Efp9hs45-V3InaatsUOZxDQTezZtizfsDNU1gSgw6kTvYljLKrffT-RVGVdszKrkSDCVWRq-_MAAzztip7QyKIbfxrUGJR6ochitxgThJhHFJKHbvsSkLNcLL3TF-UcMyWKRGe941hJ1NUXqf5C7yPmYU9eU7AjPjzBbbF-_V5XLbW-EBpdryelEDX-OiKpjOt4HDjfZ_N3E-60QIxG7KJVbWBE7jpuWLxw0BZczWeEeHM4lwWJ9BXc8JRjAQqFALMEyv0qTdK4rrr9njvWi_9JH_0jEDMOKHWEdR5BgP91Aa0YRJXzTsTLnGIfFsf5oFsdpJm13cl7nyHnv7rRhobNYtPPpO5Kp7JmhlYchjj7_xMANsz4lrAi4H5stkHAnjWQsTJbrkm4xANS2AIVYktWxKvLvQaJDpf31x_IQjbbvdj0-7hH9gcvhAA4XkkxYI13f6_fSOB_vtsX2Vhm9GtHp3dejdm9PIfdqGsakWWSWFhr8QlowJxrjL7nXsYPDeLrHZXIYOoDGxHyS1WQ5hw0R2lDyDChsp4ksgOXePR48RMQ0kLFrcSrOe8MHXHKPVc1RASpu2-iOLTkm_IJ8F0bXBFCn8kpNbRnaewEqJSeu3xW05IZtciIhQAXuk2-cN_lOzyWgBzTNV_V4PgXB9IjwiDpmxru0GIchUoUC_ASIDchMQayll3f_nltGM8nmfXJiTvP4nBpJ6bvftglFm5ao9yXwr-6wk7Ex_CQmbd8_zA3VMynkrlbV_XIxV3Q2mILneo1eoS_j12hpCXWQH6osTUkrBKgaA_Cd7R3DnAUgSKbmU2vYoiZa1wA9Xq1U41mNyXVn7iVWPhGduxUAbej5P_9UnB79WmBYh9p13AZkIUuiXaeTn_SVPY3LTF1sV1lFnjgSvn897j06XAvBc0MORC9mNn3w_nAf8yMRLUJsy0m4dE63DkIVCgVj_X4knSYz2EqWn76NRCfMxKpB4rX34ng7x3xLMvre9Dqx7HU3FBqz3xna1BfEptfG8L2CKHeCGXYBPbk5gW52VKXsdeE9_J6Q9GXSolC7c0AiIcZN6QBDETI7zsw42BQeSFsoVUSp2hrJZRcEW2ngRo3VtVzbQy3v6ND6kX9gmu6RoY8ABZPQo8_UR7-byLVm9SiW-xQagcjNYb9hJKO0TZ2ZHDJ3lSSsnzCf1saDrwHDvrdEiSxROOcbO04cyvqj7IrWczVIiyEdeRDROEa8AQWlUsK9MBYfUW3A2876wxXtXKBQ2lUw12bBol-yiJ8PjjWnPssjBFxAvN6SUtkb3dFs9p73yrj4-OOZMtpd7R51An88lXbGRUJy-RSwq9lmzcMHMweAXCgSKvH6WoYXr1egBSA1bgAxGe0egCH6ofsDAy-teAfxPA6VbFnUKgY_OSmDhzh8CziJwQZHGcjpUF-hewAO32hYGdBkeoI51g3XsY-pzFT_8329KTTwaitcEuypuQiiEN3e_WPFCl33vBng1tQOqDWmt0AOESnxCTqBMcEaupv6fIYF9U2bHGur8-jrrdJD8ZZFAOJWYhkekBAbIaVLgNKaBgz4kWIJO34JaYhXtV3YyO4ydWrZhc1X-oQ2-j87QdUP_xqt0FNA_WWSz4ap_B4wr9XG9qSITzlxQ9ewsozf1LlAo4sgZ_UHcFX02UjziocCSI7aAA4ZB92G_SQ_iVJhu7u6cV-i-gFw4sUUv79iKVmbe90pUNJQLXLexIS6WHeSkThCxu6la9_8idfa2EU_LAnkSMohF6oV_vT06Jl9QWO3ruf9fC5XC3t_i4Rwj2RUnxNQq6RU5pceuKT1KsMhvP64y1fOXhypiL6skmCK3bDcvkqy_2dTp4YViInistOnd4LwKVe_vIO-zPhk4TjnHwYR0bti_8pf5PASP4v0aRqz7g5xYhZsFGTb-fg0InXfNtDYV6nmEObpvdljpLrD5DocsI0RlLRaF5qFCRg3rp6dd5-gZoFGKMXYCo-wd3K-fIw4WvtBGhwZxSFe1c6nasJ_36y9Pm2Qqj6iXaMMOgMnnjlwCtvcwK78nCS2nlWpNjbjZ9uScJUKSH-Ag05Nlv_TqjGjiU1X4dXvQTl8eZ_CZgnEInMZ5TjyvdAD2D8sEeCfY1D0wpc3PVmVxKDeMIPWDoRkcmkm4wrTbvnofR3KOqjvtV63Q-TtoEEZQsr4-KZo3oB-ZNTuzwEdOfb8otDNdYUcL2eARnLBiL9QvYCD5GyKeo_OzABwR-rQpoV3wHM2l5NrrM1-tC_H3breW4BuU1pqDsOVsx66igZxKyaV6nf77w6cw4tgh2ik8Jujv49hiLWeXvDB6RLKLyBR1-b57y3479HgBq7-bAc6ype281cENiiNr_MJZ5o6YL4-PHPeysWoeyFm2xkkfHZWSfxYy8DIuubFpdEm5lsjIFCUlLCFrIF1lewp1Wq2Lw9VljihWHjuul_D8rTeKS2jz8cbHsPKwwzfI97c3z8ibRoe2hDKDkqYmT16BcMSYAx0MZNgZNYYF9YiD7bxFdjvnKqqnfA0MVaVEYiGmOko3BhXb_gON9sM_ceRHRaLJuS9hLCWFIo65R5sHjU-1xUwbkKpgPbeQ5GVJyBhv2W5itPxU2Mx4XNN7uEE2ruM7Dn0BK_dcic__gamn5mGxj2GFB6Ky50yYVeh4e3Mw9shbsGWDD9zWJY7rEOFVF9f1hriPXjHgMNARTfdL-cSdIr8IJDVhBweCImre5K5_0z17JxPTTKInk-5OodMElLx1OeR0H9vk3mQBgkRDm_O05HaYZGkFoSbFKc8Iz5_sztQbnPVAxj9cLGMAw&cid=CAASFeRovtd4MmZP7fG_uMb0uBSW8pTXfA&rfl=1%2Chttps%253A%252F%252Fshavlik40.rssing.com%252F%240
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c42f64e27f6e9edd2deaa328be7465cb135ca779f7761d723644b44248d93713
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21585
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 56D3 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AcsJ6MOJ6TFKRhfkIeErtTDxKHbFFKkqmL3h27vNjf0pnewvTTWfOLLMF1aBWG8v1L8BeinY02bvqnMV5OfSjeYhdtE_MbGV8KW6O_mAIgLq862yY
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 56D3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:55:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 56D3 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263560240521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37945
x-xss-protection
0
expires
Fri, 11 Jun 2021 10:58:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 56D3 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:56:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:56:00 GMT
l
www.google.com/ads/measurement/ Frame 56D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIqm9BK9HKC1UMaK1XMPTSvq2iuJcDgt0L_NViLZJwNXRSwVjwnfadDzCVkdDvJlIbqd4Ta5uis0nGcbndMCdpjE-6vw
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
view
googleads4.g.doubleclick.net/pcs/ Frame A3DF 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJyL3s1ChiMPnjwj60kQWLMWxTXq7Qypl_loTaV8Ip8kU1nqmVghvj4FhDz4FwdZeFEauRXXAQzdZ92gZw-n5Hp9_Z4nODlKXkZM1yukidk2ync1BlM8eb6c6dgQ1osqn5S7A4Eo-9Y4s8X1F-Z4C3fNqtjuA9YWplvvbBoFfPr3VYq_tUpZ8Vx4zR7zUla4_z_QFVlfEz-VFnJc5M6zcOsPjtsRzQPtxwabTNz-uS5LyVRM9vYT5ou56dMEzvKUP6EVaWNljxbBfjcepQNidOBLHpChg-L0D3iuWZz2DQ1pYHbj4II8Epo30saUCa4Iz-ulUYvdy-30_9jmZigkO9iYjWQi8CI35z-ZDvlHrxkpmJkNExUIu3P0hyZa1CeogFpWIlzFIfkccZEe5c08hKvrfNQsXn2w0Offd0LAfmAxWy4uha5VtohzFVHLPUv2GBIWI8ZzHMYotSoIB90bb7SGfbEsZ0Bhdm641gM_c9p5QRfM1u7-D_eipv4AvANfpvUMh3YGADkcF-49M2D6gTnmjl2XMMDzQdflXSeRpAbtArTeWkPlKdpR_I88Y8ePzeE5nhuP-oNhU3Vqw5GgHn2qMs-Cz4jKlJQxXqCQy7fCerhdpNj3O2heeKoM0D1ylAMeuzEUWrddd6aP4vYzzErkQRL0h8X_oBPvbNEwJG8Ce44BzlsmjnPB84o7APbJFj75Q2oN3YN8LZrQIMHBkm0KXQAR0zPMPYipYxnyotzNP55_E-uYMXlDb51gIkyvc6aZ3CPPw5StHVkTJbgseYYWMNHNJX3JRXGMEGtKIl_S56ebw6UihMCWI4oaBmrez78AKuWGVvrmcukX386UQWnE1D_IShaa9Q0OLEIhTqnsI5QSc9atQWMg6HzLyYnXpzoxL2GUibGDNgdZvyNvBEcodL2kFtolXjb0JWZFyYwG8eDmO67LMNsbhWmY4-6r_q0lmZYac5ecqKJHhefaB6zi1CYctFQsPPXDBOii27xZONkLfU4nKNGpTzXqIhz2pSObgU2ci1AbLzR4edC0l9o7Ym8nw4BbMoWu2mTADdaACXIQph92FoGYS7_S3-_crsxqmF2vtFHAABNfbmjmmMIppzzyCeFVxAeanV4aRLw27gQBEv3_-ZoH0BI56OOJCK-1RAdBwSzdMHzEppt4VrIQ&sai=AMfl-YRZC957X4q5g5UTjzGRNYuXHEhx5CAPI3oIBh3x9XVMCfOft2Y_FaiMZ0mJid6Peix6sCg0rpq3mgz7LAB4UPDn_ekOplXqaXtriz-W8zjhi59KkLx4gokvhy3xHsHJXtfC6MqDxNwd2khkRi9wGkl660dLlhA3sKTA4FFwq-cMbEz1sWKM8FFympya2OSUAhyW4veVmvTUqeruAYVENbLAum18wIgoSwApT4K1XaBDeYvTW0SvGhzfwNyVKwh-Fk4LKVBeogSAS1gxdPGPlQ8MhYzorNapHkF7MWK-mBhV0Wqk20pNH2T2QgeVAnh5_tofWt0LcdsNE8ihposk03S_2If36PoTnjxXN394rxZnh_f6ZqiaDQjktDpdQ1Ulew&sig=Cg0ArKJSzNLDwiDXKdm6EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=76&vt=11&dtpt=75&dett=2&cstd=0&cisv=r20210607.97077&adurl=
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 10:58:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 600E 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFhxpk4Tz4bBIh020vXCCfX3gckOJD9w4Ai453r_kex_tOHCz1INVZ1n4-8WbdpIE6_u7mh9n0risOKb0WTxsztWaM3LgqfFMtuQd0_HDQ4WSVNQynsFEhmFxqhz4D8aomKy8pwYCFPEF4ihAFRfW_P4M4Kg&dbm_d=AKAmf-D1nPUujdWt7Bg84Ldq8pHFnz2ihPL_STu3Rr_OSVft-EbI7VCqQWI64nvVjVYl6sjXYGphWUDJnYhb5_Hn-J1JVh8Ul-SZHoDxvwjrPDihecbKH34N2lpn79kMR4Rten7dJcHQQj6v-9xxLaAd5g2wZQ7-f4oD_ojBYjH5Y_uXRY3nJY8WODXG8Jq4SyVFyujsa-vpffjRzxrWbbFheBchuKIW4hE3GQCfug46s2ZPApWX7jAmkoa788DqNInDWRbr0oMKNFIaH08KK3m463lFDHJRJcuekb_2s_xOOiTtwirH0-Fe0GJJQ0cgqF-zXuEWJ0e_YwpAmJuJB9xWws_WwpROz6kvli_1hTogFriU8EzEy0_F1pYUxIIiTNUVAgLP-qENz8vfKe2DlyyxXtkegMnEYSbvTRNDZmURW50TzpELNwLq-tL6FOdsNZ8oVm1vj9dxfXr0IqGjKX0uEI4eHHa0dsaH7btsHpk53_WMjDP5ot6fxJX0mJuFpToLkRxE6BA2RRQxDZ3bfp_JUtfYmmHNOpFJpWMSc46KuSY7iuu3rLGABcPKuY-OJthe1obJBk_OSkfPjhI8ZTADd5h_VdP9BWTryP20zcAkHwfSNUG6-FUZhzsA1evnmbMrVUIIxKZkdMCTyKprHdufv5FClfTXVdR7ij45xihIZu5WOdD7qefI2ZxehIdyEKz2lt1kzKV4eaYVhGz5J3RFfIFal-DnG9uALBUyyXD6TbwaPS-bmyWtsKxhb3sAxjbAVG1vdkHEcBHzaDTfwSPeQ5q9G-xBJQPxq9HAS9FycrooegDrkl0ULm4W4Olnggg-f6Xi8HwCg2B3cKMjleC3JBQKpOWq0x2v4a-2zBX4ugDHuOC10nbSp_UlF3SwNnbMm-MNN-58YkL9qlgLgQJ1FDHe-qElZc7g0Jjl6bzi1aaGO2yaKh-_YFacL_2jnZHdiiNzlsLDqKLFpgnyjnGrZFvRSp2e8Aa3FlDkwAcoWKw-OfMjAXd5PCVp8iCjfJzUUncr_6ZY0JbaDPlmsMN4Tmqo6YZAKjIIFZNxv9J0h8SB3qoR1QT8IXnrfZkImL8DzHCbykVTzaruDcfMnVrcwBLNxGZCYPeU3VFGbqwxCEVUxSauim4QLiRH_L8pX72sIKn48dKyMEQd99KPyopqelZoAauNdYKkkYaXLc3UPt1J9KiFf-IHZQw3xdHVQ61kgeFbt4UoY1Gos6ciT9pzsmt6rNVusjbN3dPql0bD66JO8H3XcJ0d4OgONFRnxEFGlvfMoQsNJzv0KwQAqO83MSmMPDU8LZ6ZwZCC-m4fM9ZsQcUPPMsuJg-yT9YS4DarCuVyYt-IxMZHKhaUw0kLf_C_5ekcqCCUmaJO0ghLcRvn9e4W2LPIBmWwLKNdR_PrUn92h4G7Sn3pTo44Q-5CINEny4cEvVp0v0yU5BIpy-lbT2Xa1teJKCgVPXFZz6YbydkxkHueS5gss7zJwnPd9yPQ2dytxzyQKfWEPhW405c7lMD-gBMxRhVTBaw-3dNXFrVL_UnrprxW4g9EEHIEDGQmxN4B9_58r3GA1q0UdsDkg3uQjMWwhFk7tNS-x-MabA_MeAet6PfWaUKShZtgXOmkw1jh5Rc35RjZIsLUjr8Qq1H-inQMGsC-0Xb0hk0AGbUXeWaNOnsdBMeeNMUOOQvv5pcbbE2L96oMC4iagGJq9M3Z8u_BLCR0_NZQbCyr7yxFZIGot0vph8h1RTAFT96a7CcGm5KZ3q9lsI3WJF57lfoHfTxUOE_NQNu70AgULczoy7o0fWqQbfTGZqTlVBVoXrJhiy3LxBi4cvPPwqSMoOS2VYjojUd5GQHQcRjywqcTG5Tdk7ezz43AyI0kFbVT-H2n-mt4P7i7GNnPFAB7DHGNvN8OU1GAY4JMYDxjom-BYfobmds8Sm8ql-4WOellXkU43lFScNlTH1P7yfLJw6EqlYcwB4S7mRmYc0iOvBogE7lFSE3t2UjZR_wLGk5ZLwjdSFt4hmwdYwx0L_0xMsD92Gbq-uS6hqLjvu_3ji9Hg-XGCmJQb6mKdq-Z-FApW_lWYv5yGTwVxiZxmg7yyO8ed3kGWR-5nsONSPvLIAexccVF-dOoPSEgQf-VGgiVNvHKqk4E8emnyRIUqHRzADhLSY8kkq9U6vYIXq_qESSEamFm6_QM0Is95w8nPdtCfXZirzlNGSOYXUUW8csMqX7CjSiO6ptKewHLtJh09NfBqs2brdtLza3MGHvQvM2rY1cuU3TFe7aScvM-lziBqOTOghGk40fc6031Vb4LyuQ-7AFVVEJX5l-9O8knOcdQy9hjQovLtQIiWv7P50kGdkQlUpZQ6cJ3WTHQ0cswOWsAjyzlyZb_Lw6TKpt6lNO8ahMbUEwkrPGJzGuCeF29SQCMayaKwsUviLO9GkgHErvUlfk8xy8LzP0FjHrU9ItHEVGe3eigndrOHbsah31N_DhHIAFwZo7Xi8wdOlnaiE32LGi-_gFRbAkMAlgG8_Y05weeoOKImgpIuIUvHfeUeDPGR43EdZyppRNSBkVOC0zH8xIe7h40DRqrWeUh01uojozJkGg01vJwMtNJoImDCr00C78O0ILzNVNrONoZp5Pg59nDHRkO_b07XL3x97dAlV4nNz47r-1enkMgY8J5ZpbUWGq0Gp9boYK3WOEFV7YLHVMM_NIXsZ-aHfkUpYUgv_NDeYsF1aL64rSFlYwnTOai75VfuFge_oxKOb0X19Qg1iQ9EEPET4YlSOn6oYe_zVi3hdqMYq6EqDK0BlDWoqqz86BGcZCX7-CoP5kbNB6ydqKXcDEBlZS07HWiEWG8mg2HtknYszGpIhHAvWcQW83j21ZkGpVLczyzHIJQmlvbU5DI_erf3SYb1xcDiRtWEUQDztCwpMtoXXUqL2Yd-9YTECfKJq70bB_zfMdFvz1pFEBsFhxurBU2THJxaXdsLt6wTjYuInamWeLrIWc02qjzYGYGLPpIe1OadXWjdB7rGw-cl0T6vQBJSYhzt-7ApqvQHxuHe99reVWcvVnKX0PvEMSWbN7LY7guRGA85ZPGztasu6Chh18lLTGycWC0GNANy-y4L1g5BOvuhaEZw05pukNaPZMcnUabbF8QtagxTjHGe94m_6OWjWotvievAcKYKCwrxMY01TE1bSyVrCILsvaFHmcodNQSVXUCuRZRxeGtpFfcEeC0yEdf5NNZ7GQ8n32sA8P9XtufY-V1SRYsZUUCuRtuk-qIdyznQkC68h2KEHlZmthr5LyeuOvUwEtAzw&cid=CAASFeRoGezvadCWuX44JevPvr3ILoYmQg&rfl=1%2Chttps%253A%252F%252Fshavlik40.rssing.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cabbde8502a6598896a3c812c89ecd99ecfb3e9ca68f632c8c9b3f2a7f6e0046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8601
x-xss-protection
0
server
cafe
etag
18280575870105241958
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:55:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 600E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFhxpk4Tz4bBIh020vXCCfX3gckOJD9w4Ai453r_kex_tOHCz1INVZ1n4-8WbdpIE6_u7mh9n0risOKb0WTxsztWaM3LgqfFMtuQd0_HDQ4WSVNQynsFEhmFxqhz4D8aomKy8pwYCFPEF4ihAFRfW_P4M4Kg&dbm_d=AKAmf-D1nPUujdWt7Bg84Ldq8pHFnz2ihPL_STu3Rr_OSVft-EbI7VCqQWI64nvVjVYl6sjXYGphWUDJnYhb5_Hn-J1JVh8Ul-SZHoDxvwjrPDihecbKH34N2lpn79kMR4Rten7dJcHQQj6v-9xxLaAd5g2wZQ7-f4oD_ojBYjH5Y_uXRY3nJY8WODXG8Jq4SyVFyujsa-vpffjRzxrWbbFheBchuKIW4hE3GQCfug46s2ZPApWX7jAmkoa788DqNInDWRbr0oMKNFIaH08KK3m463lFDHJRJcuekb_2s_xOOiTtwirH0-Fe0GJJQ0cgqF-zXuEWJ0e_YwpAmJuJB9xWws_WwpROz6kvli_1hTogFriU8EzEy0_F1pYUxIIiTNUVAgLP-qENz8vfKe2DlyyxXtkegMnEYSbvTRNDZmURW50TzpELNwLq-tL6FOdsNZ8oVm1vj9dxfXr0IqGjKX0uEI4eHHa0dsaH7btsHpk53_WMjDP5ot6fxJX0mJuFpToLkRxE6BA2RRQxDZ3bfp_JUtfYmmHNOpFJpWMSc46KuSY7iuu3rLGABcPKuY-OJthe1obJBk_OSkfPjhI8ZTADd5h_VdP9BWTryP20zcAkHwfSNUG6-FUZhzsA1evnmbMrVUIIxKZkdMCTyKprHdufv5FClfTXVdR7ij45xihIZu5WOdD7qefI2ZxehIdyEKz2lt1kzKV4eaYVhGz5J3RFfIFal-DnG9uALBUyyXD6TbwaPS-bmyWtsKxhb3sAxjbAVG1vdkHEcBHzaDTfwSPeQ5q9G-xBJQPxq9HAS9FycrooegDrkl0ULm4W4Olnggg-f6Xi8HwCg2B3cKMjleC3JBQKpOWq0x2v4a-2zBX4ugDHuOC10nbSp_UlF3SwNnbMm-MNN-58YkL9qlgLgQJ1FDHe-qElZc7g0Jjl6bzi1aaGO2yaKh-_YFacL_2jnZHdiiNzlsLDqKLFpgnyjnGrZFvRSp2e8Aa3FlDkwAcoWKw-OfMjAXd5PCVp8iCjfJzUUncr_6ZY0JbaDPlmsMN4Tmqo6YZAKjIIFZNxv9J0h8SB3qoR1QT8IXnrfZkImL8DzHCbykVTzaruDcfMnVrcwBLNxGZCYPeU3VFGbqwxCEVUxSauim4QLiRH_L8pX72sIKn48dKyMEQd99KPyopqelZoAauNdYKkkYaXLc3UPt1J9KiFf-IHZQw3xdHVQ61kgeFbt4UoY1Gos6ciT9pzsmt6rNVusjbN3dPql0bD66JO8H3XcJ0d4OgONFRnxEFGlvfMoQsNJzv0KwQAqO83MSmMPDU8LZ6ZwZCC-m4fM9ZsQcUPPMsuJg-yT9YS4DarCuVyYt-IxMZHKhaUw0kLf_C_5ekcqCCUmaJO0ghLcRvn9e4W2LPIBmWwLKNdR_PrUn92h4G7Sn3pTo44Q-5CINEny4cEvVp0v0yU5BIpy-lbT2Xa1teJKCgVPXFZz6YbydkxkHueS5gss7zJwnPd9yPQ2dytxzyQKfWEPhW405c7lMD-gBMxRhVTBaw-3dNXFrVL_UnrprxW4g9EEHIEDGQmxN4B9_58r3GA1q0UdsDkg3uQjMWwhFk7tNS-x-MabA_MeAet6PfWaUKShZtgXOmkw1jh5Rc35RjZIsLUjr8Qq1H-inQMGsC-0Xb0hk0AGbUXeWaNOnsdBMeeNMUOOQvv5pcbbE2L96oMC4iagGJq9M3Z8u_BLCR0_NZQbCyr7yxFZIGot0vph8h1RTAFT96a7CcGm5KZ3q9lsI3WJF57lfoHfTxUOE_NQNu70AgULczoy7o0fWqQbfTGZqTlVBVoXrJhiy3LxBi4cvPPwqSMoOS2VYjojUd5GQHQcRjywqcTG5Tdk7ezz43AyI0kFbVT-H2n-mt4P7i7GNnPFAB7DHGNvN8OU1GAY4JMYDxjom-BYfobmds8Sm8ql-4WOellXkU43lFScNlTH1P7yfLJw6EqlYcwB4S7mRmYc0iOvBogE7lFSE3t2UjZR_wLGk5ZLwjdSFt4hmwdYwx0L_0xMsD92Gbq-uS6hqLjvu_3ji9Hg-XGCmJQb6mKdq-Z-FApW_lWYv5yGTwVxiZxmg7yyO8ed3kGWR-5nsONSPvLIAexccVF-dOoPSEgQf-VGgiVNvHKqk4E8emnyRIUqHRzADhLSY8kkq9U6vYIXq_qESSEamFm6_QM0Is95w8nPdtCfXZirzlNGSOYXUUW8csMqX7CjSiO6ptKewHLtJh09NfBqs2brdtLza3MGHvQvM2rY1cuU3TFe7aScvM-lziBqOTOghGk40fc6031Vb4LyuQ-7AFVVEJX5l-9O8knOcdQy9hjQovLtQIiWv7P50kGdkQlUpZQ6cJ3WTHQ0cswOWsAjyzlyZb_Lw6TKpt6lNO8ahMbUEwkrPGJzGuCeF29SQCMayaKwsUviLO9GkgHErvUlfk8xy8LzP0FjHrU9ItHEVGe3eigndrOHbsah31N_DhHIAFwZo7Xi8wdOlnaiE32LGi-_gFRbAkMAlgG8_Y05weeoOKImgpIuIUvHfeUeDPGR43EdZyppRNSBkVOC0zH8xIe7h40DRqrWeUh01uojozJkGg01vJwMtNJoImDCr00C78O0ILzNVNrONoZp5Pg59nDHRkO_b07XL3x97dAlV4nNz47r-1enkMgY8J5ZpbUWGq0Gp9boYK3WOEFV7YLHVMM_NIXsZ-aHfkUpYUgv_NDeYsF1aL64rSFlYwnTOai75VfuFge_oxKOb0X19Qg1iQ9EEPET4YlSOn6oYe_zVi3hdqMYq6EqDK0BlDWoqqz86BGcZCX7-CoP5kbNB6ydqKXcDEBlZS07HWiEWG8mg2HtknYszGpIhHAvWcQW83j21ZkGpVLczyzHIJQmlvbU5DI_erf3SYb1xcDiRtWEUQDztCwpMtoXXUqL2Yd-9YTECfKJq70bB_zfMdFvz1pFEBsFhxurBU2THJxaXdsLt6wTjYuInamWeLrIWc02qjzYGYGLPpIe1OadXWjdB7rGw-cl0T6vQBJSYhzt-7ApqvQHxuHe99reVWcvVnKX0PvEMSWbN7LY7guRGA85ZPGztasu6Chh18lLTGycWC0GNANy-y4L1g5BOvuhaEZw05pukNaPZMcnUabbF8QtagxTjHGe94m_6OWjWotvievAcKYKCwrxMY01TE1bSyVrCILsvaFHmcodNQSVXUCuRZRxeGtpFfcEeC0yEdf5NNZ7GQ8n32sA8P9XtufY-V1SRYsZUUCuRtuk-qIdyznQkC68h2KEHlZmthr5LyeuOvUwEtAzw&cid=CAASFeRoGezvadCWuX44JevPvr3ILoYmQg&rfl=1%2Chttps%253A%252F%252Fshavlik40.rssing.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 08:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8378
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jun 2022 08:38:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 1DB8 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CURZD_2QpAWP5MH5xoE4Lin6XCymQgFehM7hY2fJq5IlxtgTwJThVAmg3dKeV-ASwHPPv_wg_CvClEvJakxJQiEnYwp2hUzjEeJS-_TGcMNqYcDCMvw62YdfFK2TCrMNEkgrshpfYUntoiCGqaTSn9WWFuXg&dbm_d=AKAmf-DtTj_vy8WJnX8YHdLt7Y4QZffji27FiooIV8WpQYbSHEBP02-VCCM_qsw5YJ_tdJQ3cG-x8wZKH9YlDYs4duIOl--tH3hnOozYfdJGdyQHA6Rq4laqQas15ByhWJj5p0jjnktFWmLEGuh86KsIkn-GPS564kp6Grv4KMcSVJfyL8qxQOP5_tehzFhBE5Zzt2nYrQ_WcOA6ioVgOEa-EHctgzCD3PeYWZpZxQsAZgluxdN93cHkD1-sUHDWLf6exOVn3T7Satxv7N5x5CMtC1L-kyrAIOE6_0SL-LA_XxehVRZS5rXDikunSfVpxI3-JIrF5Xl1LCIevevmVyzXMd94T9AQ2MIfjX-4yvQQt9Jd8xZSlH5vPU7x_NN2tEEIW64cAe7tKkdjeS-76bbr7Qd8Y1pdbre_Sc4J_BVk3MWoDdvTvmMpnB44QW0LTPPMBJeKD0dnwkeVcqz9yG2LsoGK0-dMlDlvkuQwha2dTu_drI2n04TgRpKRkR4jIj47Vh1W4TMmu1XtlCUqj7gK6PjcSi7qXEd9dVyAPIikpw6GCYl7M_EIBdl_CI8tbMVMoih8qpTitL6cNt0pJ7CR92VfZWkV5x2cscvih0ITIa7AnL3wIthYwGnwDAgM042GOZnb905A6FEz_mrSxc4J5f-f7hr5k_Cn6sT0BTwSLakSd772aEHiDugxvAxFChlvP2tjPs7FCEwb2a-tqYH1kX4Ud8bOkcY4s9-p00VOI1eT_M4PIwaXOW4R7J0_ZHJMb1YWyr49iLHNK6J1IdcAaFIQHIszsX8P18Ul0s4qGTfd2cdNLh9dK9y6IsHYCCho7ZigQ5nPCkKdDUrbk1iZiH8kiXr0IcikACa2NAyXVkB105ZKe0Pv2SFMZSU6HiKJtuspkBEjjjVI4sOHcIvMFqUR-MJPLkpBZb7pt1O7eDu4cB9Ir1A8T-UgxMAdC1qJocRBv-xJd9Hfxj4AaBFnjtFT0Prnc8WtEtBGpK6goPLcsyWTm86BFJuIHZLrELzA-BRNiIbcjzbvos3ObT1roC1y9u9AUIINsJ8CBqMH6QkGIJ4MJuPrukdnjCX-X7YBwfe_g_REwl8iKi_2F-Jq1vV7M1NvYmEA2iXWT0n-l_EgDQCHsrtYeTrIeHyhW0ZdATZSTyxiHi1j5r1It0wkr5XUaebI7yBZAXAP8Zu1_OBI5a-DefJYebvTuG6ZZal0F2Vgdd2q__jN5eix8qQCZkddzXG6FREK7adBkR8n6jyQloIRqLKFanPLnhN3-bBup3PlR7xKWfDqOZaV2B9O-c1I3Bj6xRKo35iMgi7lw_SzphJLk0t9JmCJIvQGJh_y40-wm3pIK4JgjGSLp_u7d7bYbbyuVLJcRid8ncDs0nkWDzffEdoSBeAkrJ81_T048fWnfeXbJxXacAxoogG8MpyRod0mWSZlxZOh3kyxy4PFhm973VTX_UTUH0Y3Ti3AXzLjPeSWlc765qdF94g2uaiRuMWf8RD1bynTnBamHeQWpF8kxPxI0B20LtvDM-52RF7EMEJb99kd4eidt1d31UaS07xXUhAYKK98AYLuHEMmEDRcQifUN_XPePC0o2eo8oEYvlGX62WJKAI7zDycYWFPVrR4-cxMWC2wtpiXLl59bVld0tndWz29aCW-TKsCH0fMfpTOb6Ac6w6mM1CC9eOyG2NRz3dDCGGXkO5k1AMz3n06SN_t7mJnu2Di7rAJGXh-tjY57AcaNtcFiT-R8g53LvuTt6XbouWGrxd6lizJSYVQEzoVHtu7qOgXi9Ie4ZUHIYPA-SaxDP92v8J7PcmAlMAJI9rxdFRXBi-ZZsGyyBjdXcQX9GL_wiG-sn3axxaQCgXGLMpbJbnENX3fdT7i2HRwCm_eBGPQJauqAupLMQoMOJ4YbBEn4wZskuuMReEmW2FVb9kzdJXw_L3rcCZxwoDj4jFAay-X467f8dQqNoZw2IJUVwjObyHE31J9ELv5aR2LtoZyMKf-A8cJXDssdXS67TNvNT6BABzmQvz66-rdMgkPzYPCE9ZZRdGOF9320jyfhuflt5JDD92ZRhIaf5b8WlvOmc1qzGopu2v0XOnK4iwgpuAP8JtZG6ma0TSJEXgdn6Euuv6NJx2okhhfUu1dWuRkBYvLK9M05ssISmd-loii6waQZG_zdxjm_Ybm1lV91UYoDSMtR4Ci_-RP8BW0Kpg8gFlXTEEe1A_30jF7DY-u7ccRB-flXsjiBAZ7LJZNei_EkvDUCr9NicK6n74kJxqaNGhgtyPmtV3aBjDC-EZGiOY8YQaNc-t7COHW084UDjVrQCGYqDUIBr-ojxIu7X2veE7jKPPzFhKzsQA38R5ZLiKwsWz_zK3PTQNWeWmdgyesvzzJ4DouSX72BWuKsvwo47y4hZyj8j7Qdj8OLRh-i7XOsW0nU5O_l6sKJ4Qsuk2DY9ws8MqeT5s-6WmvUelX-jnqsOP46XO4ZeGH_psy-8mkswd-py-0OHvI3QNY1Bjz_gK-ed73d4jy2nszkRPpEbhb7gAr-sAY7Xm_ERW5QBmECRhhb8F9PMYs3CyGpmrTTsz_zFLpLg2to--TRqy51juib_YGxOaToItRUJaFxHsefqELLBydrCzej15Y59IeN10lSsh4h3dDZmU9ZKA7ZeXWBhNQFDUf6UMyRDnxwzLXGtIdMCH8d0otWiS3fZZbw3jKdTdWC40LjvR7C6HEt3OWAuK_dHA_4G-yhg_4oN66QwBkmWoIqlSMTgLBIXYHX0uZTauvRR5-Tg7_dt5sUF1owtQhbtoYV3ComTu0TwoL79zKvhyJa92GwQo-6o9b0-Mbq-ky_PrKd2RYR0qISyMGVDZViDvgC3T1agquZ6yfALoFZL5JMbqNuK5RVxtpIj5ADOqxSp45Ux4k3G-wCLm9n-hMw5hjIcoP9JRnK6pKp445MEaoahYXPH9yY2VeMWF_lvlaWHSsni_ioQx_pNbZMKxFWrMGlpTYbzyaToSruGFNHt8wkM7HPpBZmxbePK9fKa6mM1dwJvQ5_GPQYjfShVRcbIvpkJgKSNyjZW3cAJU5vxcE4z6CNicQN0Y4qUsfTfCSJHAwm2pu_b4746hfRBXZe2Wj-59ibxMgPqFU2NaDh_T1o9U2CIsGEH_yEaytmSyt1UgSMS3JQ-PWL5HoCVNrpF6PpCLtehq5QXiA1wNdkmNavRM6XBXw3CFdp0RzHTArujJ26DeANM3Tx0B74Xq-96mVwsc6lv4QhzU401xdUDEeXh04NXJ_&cid=CAASFeRosjFbUcZVCrea2WwHdFKsSfS4vw&rfl=1%2Chttps%253A%252F%252Fshavlik40.rssing.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cabbde8502a6598896a3c812c89ecd99ecfb3e9ca68f632c8c9b3f2a7f6e0046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8601
x-xss-protection
0
server
cafe
etag
18280575870105241958
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:55:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1DB8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CURZD_2QpAWP5MH5xoE4Lin6XCymQgFehM7hY2fJq5IlxtgTwJThVAmg3dKeV-ASwHPPv_wg_CvClEvJakxJQiEnYwp2hUzjEeJS-_TGcMNqYcDCMvw62YdfFK2TCrMNEkgrshpfYUntoiCGqaTSn9WWFuXg&dbm_d=AKAmf-DtTj_vy8WJnX8YHdLt7Y4QZffji27FiooIV8WpQYbSHEBP02-VCCM_qsw5YJ_tdJQ3cG-x8wZKH9YlDYs4duIOl--tH3hnOozYfdJGdyQHA6Rq4laqQas15ByhWJj5p0jjnktFWmLEGuh86KsIkn-GPS564kp6Grv4KMcSVJfyL8qxQOP5_tehzFhBE5Zzt2nYrQ_WcOA6ioVgOEa-EHctgzCD3PeYWZpZxQsAZgluxdN93cHkD1-sUHDWLf6exOVn3T7Satxv7N5x5CMtC1L-kyrAIOE6_0SL-LA_XxehVRZS5rXDikunSfVpxI3-JIrF5Xl1LCIevevmVyzXMd94T9AQ2MIfjX-4yvQQt9Jd8xZSlH5vPU7x_NN2tEEIW64cAe7tKkdjeS-76bbr7Qd8Y1pdbre_Sc4J_BVk3MWoDdvTvmMpnB44QW0LTPPMBJeKD0dnwkeVcqz9yG2LsoGK0-dMlDlvkuQwha2dTu_drI2n04TgRpKRkR4jIj47Vh1W4TMmu1XtlCUqj7gK6PjcSi7qXEd9dVyAPIikpw6GCYl7M_EIBdl_CI8tbMVMoih8qpTitL6cNt0pJ7CR92VfZWkV5x2cscvih0ITIa7AnL3wIthYwGnwDAgM042GOZnb905A6FEz_mrSxc4J5f-f7hr5k_Cn6sT0BTwSLakSd772aEHiDugxvAxFChlvP2tjPs7FCEwb2a-tqYH1kX4Ud8bOkcY4s9-p00VOI1eT_M4PIwaXOW4R7J0_ZHJMb1YWyr49iLHNK6J1IdcAaFIQHIszsX8P18Ul0s4qGTfd2cdNLh9dK9y6IsHYCCho7ZigQ5nPCkKdDUrbk1iZiH8kiXr0IcikACa2NAyXVkB105ZKe0Pv2SFMZSU6HiKJtuspkBEjjjVI4sOHcIvMFqUR-MJPLkpBZb7pt1O7eDu4cB9Ir1A8T-UgxMAdC1qJocRBv-xJd9Hfxj4AaBFnjtFT0Prnc8WtEtBGpK6goPLcsyWTm86BFJuIHZLrELzA-BRNiIbcjzbvos3ObT1roC1y9u9AUIINsJ8CBqMH6QkGIJ4MJuPrukdnjCX-X7YBwfe_g_REwl8iKi_2F-Jq1vV7M1NvYmEA2iXWT0n-l_EgDQCHsrtYeTrIeHyhW0ZdATZSTyxiHi1j5r1It0wkr5XUaebI7yBZAXAP8Zu1_OBI5a-DefJYebvTuG6ZZal0F2Vgdd2q__jN5eix8qQCZkddzXG6FREK7adBkR8n6jyQloIRqLKFanPLnhN3-bBup3PlR7xKWfDqOZaV2B9O-c1I3Bj6xRKo35iMgi7lw_SzphJLk0t9JmCJIvQGJh_y40-wm3pIK4JgjGSLp_u7d7bYbbyuVLJcRid8ncDs0nkWDzffEdoSBeAkrJ81_T048fWnfeXbJxXacAxoogG8MpyRod0mWSZlxZOh3kyxy4PFhm973VTX_UTUH0Y3Ti3AXzLjPeSWlc765qdF94g2uaiRuMWf8RD1bynTnBamHeQWpF8kxPxI0B20LtvDM-52RF7EMEJb99kd4eidt1d31UaS07xXUhAYKK98AYLuHEMmEDRcQifUN_XPePC0o2eo8oEYvlGX62WJKAI7zDycYWFPVrR4-cxMWC2wtpiXLl59bVld0tndWz29aCW-TKsCH0fMfpTOb6Ac6w6mM1CC9eOyG2NRz3dDCGGXkO5k1AMz3n06SN_t7mJnu2Di7rAJGXh-tjY57AcaNtcFiT-R8g53LvuTt6XbouWGrxd6lizJSYVQEzoVHtu7qOgXi9Ie4ZUHIYPA-SaxDP92v8J7PcmAlMAJI9rxdFRXBi-ZZsGyyBjdXcQX9GL_wiG-sn3axxaQCgXGLMpbJbnENX3fdT7i2HRwCm_eBGPQJauqAupLMQoMOJ4YbBEn4wZskuuMReEmW2FVb9kzdJXw_L3rcCZxwoDj4jFAay-X467f8dQqNoZw2IJUVwjObyHE31J9ELv5aR2LtoZyMKf-A8cJXDssdXS67TNvNT6BABzmQvz66-rdMgkPzYPCE9ZZRdGOF9320jyfhuflt5JDD92ZRhIaf5b8WlvOmc1qzGopu2v0XOnK4iwgpuAP8JtZG6ma0TSJEXgdn6Euuv6NJx2okhhfUu1dWuRkBYvLK9M05ssISmd-loii6waQZG_zdxjm_Ybm1lV91UYoDSMtR4Ci_-RP8BW0Kpg8gFlXTEEe1A_30jF7DY-u7ccRB-flXsjiBAZ7LJZNei_EkvDUCr9NicK6n74kJxqaNGhgtyPmtV3aBjDC-EZGiOY8YQaNc-t7COHW084UDjVrQCGYqDUIBr-ojxIu7X2veE7jKPPzFhKzsQA38R5ZLiKwsWz_zK3PTQNWeWmdgyesvzzJ4DouSX72BWuKsvwo47y4hZyj8j7Qdj8OLRh-i7XOsW0nU5O_l6sKJ4Qsuk2DY9ws8MqeT5s-6WmvUelX-jnqsOP46XO4ZeGH_psy-8mkswd-py-0OHvI3QNY1Bjz_gK-ed73d4jy2nszkRPpEbhb7gAr-sAY7Xm_ERW5QBmECRhhb8F9PMYs3CyGpmrTTsz_zFLpLg2to--TRqy51juib_YGxOaToItRUJaFxHsefqELLBydrCzej15Y59IeN10lSsh4h3dDZmU9ZKA7ZeXWBhNQFDUf6UMyRDnxwzLXGtIdMCH8d0otWiS3fZZbw3jKdTdWC40LjvR7C6HEt3OWAuK_dHA_4G-yhg_4oN66QwBkmWoIqlSMTgLBIXYHX0uZTauvRR5-Tg7_dt5sUF1owtQhbtoYV3ComTu0TwoL79zKvhyJa92GwQo-6o9b0-Mbq-ky_PrKd2RYR0qISyMGVDZViDvgC3T1agquZ6yfALoFZL5JMbqNuK5RVxtpIj5ADOqxSp45Ux4k3G-wCLm9n-hMw5hjIcoP9JRnK6pKp445MEaoahYXPH9yY2VeMWF_lvlaWHSsni_ioQx_pNbZMKxFWrMGlpTYbzyaToSruGFNHt8wkM7HPpBZmxbePK9fKa6mM1dwJvQ5_GPQYjfShVRcbIvpkJgKSNyjZW3cAJU5vxcE4z6CNicQN0Y4qUsfTfCSJHAwm2pu_b4746hfRBXZe2Wj-59ibxMgPqFU2NaDh_T1o9U2CIsGEH_yEaytmSyt1UgSMS3JQ-PWL5HoCVNrpF6PpCLtehq5QXiA1wNdkmNavRM6XBXw3CFdp0RzHTArujJ26DeANM3Tx0B74Xq-96mVwsc6lv4QhzU401xdUDEeXh04NXJ_&cid=CAASFeRosjFbUcZVCrea2WwHdFKsSfS4vw&rfl=1%2Chttps%253A%252F%252Fshavlik40.rssing.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 08:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8378
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jun 2022 08:38:29 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B746 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 11 Jun 2021 08:38:29 GMT
expires
Sat, 11 Jun 2022 08:38:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8378
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 2571 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:20:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81445
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Jun 2021 12:20:42 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 2571 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3JPmlrUtjSOLyIAi-THiKtjKgrm-4fJgng56W1NSr2sv6nSxonc2Bgb7qIaCje-t2bHwPpjHcDnYb67HQYrpuikL7rHmVzC1fVb9D4C0MplvVnEJXH4AWTBIHn7jhNXLxz1u_3vl7bYFhUB3ZeRarstWScg&dbm_d=AKAmf-DqlQIV0OZDErl32G1SYfYG1achYSXyyz97XSiHcRDrlqhlleNgplNCBBLE8Jd8pG4EoNlPKLT4_IXdB0jmLUKZ9wDU3yJD00Lx3d_DW5lIEIVAQSsGz220LiNmXqy5mEE9ddq6awi_dApnfYnBu4QTVxcihIXHxOQS7yNDWTn-yHOL_t3GAlS48nePZ8WTHSb8KWLmzMvebemiRrojQjikTo7hAJDmgTRO4DOop3yyrkkzulcrQ6sc5QNBwNfw9hpFA91UTbi21kL8pwbxrBuygJeae3b1d0IcbARfcEhM0L9j4WKLsV87wvha27SDy2CoHvC7v5cUFxJ5lGewQcE5bslioL_MOEsdHpgciiV2XDP2L4d7jHTumSAiAS3s5nWslMw3mQS-p1RtNKkkjhqEKU089AsTNEos21f44-wHvzj-CtQC356tWPqKc97CTMH-vwr9RczUW9O0AB9z-zuePgZcyfZNNJGnMm_3tQrIIGrlgUfM-LzYj0WZ3nSms5ZPPzPFam3dZbT9uK2VlIx3G3JBJ6bQSB8cwcIMTZ5GLgp8mll8P5kCt7zONBUXBMcYB00Znj_b90wl3_AseVMCICFavyA33Vu9VJCIHnhNzCwY4JR8eRrfI3P3yj3-8b6hrqmsqfbfbqbe6wfsSjHZDZ5xpa8CSXVzqVcoJyqGQeCvwk7WAPX16nk3UGpio0lmOAOsNYCeaQCBqqQPvRd7YMxHHPeHMYmXXnTwuUWzk2W4c_Fm3fQ8w-QwBFpGNlaAy_gkRrO9O1VJTxvrGJVXs3hZkHbk7W6Kjb5HFVRtebiAH4d68VzlJ_bDZ2vDPNPIjKJ-zGYv1QxQ-rKH9Zn18jh1NSgp1kwuEPRjw_2HEWFjKZLA1CyVOgcocdkyWfFIKa1zL6OuzHq4GNVUdPfHtP-gtB_xDJqcsC0SyxXxA6yEOmzb4QJSVM9kRScfMxtKchD2U6B55uijU61CMm4ThHc7evgX2fAir047G6S-5Uy70cYflUflhHyi2bi1UvMWLyiMc1lxyRLfKG1aILK4jgHxzHjIAMKX1iDWT_lQiDinhpfrpoWgKi53onuHoxMIrDAdbeRmgNQFx1ZdOrIL858pbdjvYfrl0x5bq2656fxpXde4NhBmu_8aD6cXaHyLns5A2XcQxIT1giFTv8dFqoo0zDOzrYARHkIoU8owgGL4YC9x-gf-48TmnuhXFd2LY-YWd7Dqhby2cloO4J1zoBlsFKbwYW2B1Uk5UNV1jdgexapCs7FYAxDOmaoL09RHvoYEsFAwYEKU3M-V3aF-sqODMcPd-rRXHnNKwVW-Dxg6Fq9RIod3GPbocZxPKumamb8vdJJ8tQErNXP47pNRZAOcuiY16H4xSkOJsWxW5QsGjSpcPuirjRYeUNiZmXWtSdiWNX6aZiZ4Hma50QGfn5EtpskjnK47qlL8_lupjrTs9hN9NqtIfaXJd6RW5mk-jj68dXfG59cgS8CC4j77Xyv0ie06Wc6PfHc_oVKZuLkbNMK-4aobsub5FhOExuA8r7oca92PiQm5mozrKUKU_NzBXrY9RqgT13-lM2NjmZl9cD8mrAsHllfF1rch6h5GzdhY_RBUiBgG3kefhjemNQ9VbaR7kGpWzjXNELe1XEgJT6-R7bpk3FBslLjvLUDOqP4AAVnp_ivPoE0SgmqbXI2O_DgDpEprb8o_YG0gLpYFkQKyo5mH0AaaCQa041d-7JUNCAxhFDcagSIDB3hODSLNgiABvZMFWT3uYFCs5sBHi59bMy_6lgoN0v8by_I2q5nYa5aT5K8bNaXo0OmP_iuIthAl673rxltS6oOLvcKudJNpkR344V9LoMm-quI5M4vxNxbGjUab_zqlpDrlbeKBiz-mAh8aW3iI25ZFP2Bmo_GWGXUa1hLWLfbAVHM2g6BfcNxada9UO1HmIIYuW7Kp-s1NBfc7L_13n7rjsz6XvKi7iB9KJkDjWT_OrB3UKwpCxoktnU7ORHDuFThAjf2CZzDq1gYyOPxWjqml3AUkhuKpxmWwA3pHT0DQo1aaHSiCbsueKgyxT5atS3VGDOGQKuX_x317dbETX9mrs_pTR7hZaCJRbo5_8ux9qsdxfK3LGxkdhS6KQ9h6_eEVuu8MUPDRftC997sKuHaUS76QWXDGMFgN9WnJn5nFgJ8Z9ehH0qEVLGmqz2ZxmsnTcao5I5JoT_zG26UD9alRK77QRnwzwGnz2UscKO06kNMPztlDZz16qMuSxakExt5jS7Q2Kj154v5pfVspLKSLwbGFjpsksI6qZwLMZy1TlGIaodD5y8R1s2iQcM5zWOhGXQ5p-lPFztA8VEyp_39nNnZtQJiqW-QEbUTUDJGPdzT0pvbXPJO17b0B19oOgCE84mjblhB3LEqdmsyKO9DB0dBVc2nGCZw5NHVPh0O6oIlJ7C8fdkxfaN6MonbrtfAXiM9qycBTzwlSciSTv36419bnRkvbxfLt3mC8A1b_aYnyRrKIVrSACmfiOstMyOSzKgw5XIdX__gVYpqY2sOI60dgvamcuyGkw0_7vTcF8Q7K_cbDYcNnV_Y1qMKCRoh83kGh48wJAxObcPIi8lzUrbf3w12AutWqd-_G5-VptgXtsq0EEFbyOxLFj6pC9BQe2JOhnw3ASxDWz5H0R3UY5vGXS0SwLmxbLu4ja2ilDE82KDds2YhVGgweumGmQMTMvPrk97lTdeIXnbCgUF4RiJXzdqIxwBttvE0mIV64MT6eY-T_falKZGAZgmF7KbSZ9av6m3cG0VPhHAFcLKfoPwn3tDnXgonDZzGAdFMW3nuLPGzM7r8r2_Urcdc8nf0-YmctJH_GS3TBGxWR6jLNQFY2Hm9-yQ0_ZcEq0A8k0sAn95Kk8GWYK-aWhS2GkMOxOO9KxfLyPBbc4cQQSEEjhw0NWzTssMaoPqFNxzdomowcOZ5B635MHguZng6laEfubK_jgI8Ou7IECJIo4VtjJQIb9S3eG-7VJgQb1xvHlIiIF_aQdrmxGRU7f3rst_nnxSIRtogfLcK55XsTvMxnq77OUMYbMID8s82XAJj03q20orAEwTIROUFDNl_a87RfC8JZkFeASf4IAWoqgsGrd5ql__f9ItxyCP6JSsHTrFzDcXxOkwPs8NlsOY21V3ht_jhSSiHS6FAffMlnKEBa0rjUIE1F63rbvE0GFONNT4SB_OkCk-Pnth0vOISDgKQ7o0QfTz-r-qMNTdPnBBQTqc78IXM&cid=CAASFeRoyDo-DFuRoBERLiVRaSDX_984Kg&rfl=1%2Chttps%253A%252F%252Fshavlik40.rssing.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:51:39 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 2571 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3JPmlrUtjSOLyIAi-THiKtjKgrm-4fJgng56W1NSr2sv6nSxonc2Bgb7qIaCje-t2bHwPpjHcDnYb67HQYrpuikL7rHmVzC1fVb9D4C0MplvVnEJXH4AWTBIHn7jhNXLxz1u_3vl7bYFhUB3ZeRarstWScg&dbm_d=AKAmf-DqlQIV0OZDErl32G1SYfYG1achYSXyyz97XSiHcRDrlqhlleNgplNCBBLE8Jd8pG4EoNlPKLT4_IXdB0jmLUKZ9wDU3yJD00Lx3d_DW5lIEIVAQSsGz220LiNmXqy5mEE9ddq6awi_dApnfYnBu4QTVxcihIXHxOQS7yNDWTn-yHOL_t3GAlS48nePZ8WTHSb8KWLmzMvebemiRrojQjikTo7hAJDmgTRO4DOop3yyrkkzulcrQ6sc5QNBwNfw9hpFA91UTbi21kL8pwbxrBuygJeae3b1d0IcbARfcEhM0L9j4WKLsV87wvha27SDy2CoHvC7v5cUFxJ5lGewQcE5bslioL_MOEsdHpgciiV2XDP2L4d7jHTumSAiAS3s5nWslMw3mQS-p1RtNKkkjhqEKU089AsTNEos21f44-wHvzj-CtQC356tWPqKc97CTMH-vwr9RczUW9O0AB9z-zuePgZcyfZNNJGnMm_3tQrIIGrlgUfM-LzYj0WZ3nSms5ZPPzPFam3dZbT9uK2VlIx3G3JBJ6bQSB8cwcIMTZ5GLgp8mll8P5kCt7zONBUXBMcYB00Znj_b90wl3_AseVMCICFavyA33Vu9VJCIHnhNzCwY4JR8eRrfI3P3yj3-8b6hrqmsqfbfbqbe6wfsSjHZDZ5xpa8CSXVzqVcoJyqGQeCvwk7WAPX16nk3UGpio0lmOAOsNYCeaQCBqqQPvRd7YMxHHPeHMYmXXnTwuUWzk2W4c_Fm3fQ8w-QwBFpGNlaAy_gkRrO9O1VJTxvrGJVXs3hZkHbk7W6Kjb5HFVRtebiAH4d68VzlJ_bDZ2vDPNPIjKJ-zGYv1QxQ-rKH9Zn18jh1NSgp1kwuEPRjw_2HEWFjKZLA1CyVOgcocdkyWfFIKa1zL6OuzHq4GNVUdPfHtP-gtB_xDJqcsC0SyxXxA6yEOmzb4QJSVM9kRScfMxtKchD2U6B55uijU61CMm4ThHc7evgX2fAir047G6S-5Uy70cYflUflhHyi2bi1UvMWLyiMc1lxyRLfKG1aILK4jgHxzHjIAMKX1iDWT_lQiDinhpfrpoWgKi53onuHoxMIrDAdbeRmgNQFx1ZdOrIL858pbdjvYfrl0x5bq2656fxpXde4NhBmu_8aD6cXaHyLns5A2XcQxIT1giFTv8dFqoo0zDOzrYARHkIoU8owgGL4YC9x-gf-48TmnuhXFd2LY-YWd7Dqhby2cloO4J1zoBlsFKbwYW2B1Uk5UNV1jdgexapCs7FYAxDOmaoL09RHvoYEsFAwYEKU3M-V3aF-sqODMcPd-rRXHnNKwVW-Dxg6Fq9RIod3GPbocZxPKumamb8vdJJ8tQErNXP47pNRZAOcuiY16H4xSkOJsWxW5QsGjSpcPuirjRYeUNiZmXWtSdiWNX6aZiZ4Hma50QGfn5EtpskjnK47qlL8_lupjrTs9hN9NqtIfaXJd6RW5mk-jj68dXfG59cgS8CC4j77Xyv0ie06Wc6PfHc_oVKZuLkbNMK-4aobsub5FhOExuA8r7oca92PiQm5mozrKUKU_NzBXrY9RqgT13-lM2NjmZl9cD8mrAsHllfF1rch6h5GzdhY_RBUiBgG3kefhjemNQ9VbaR7kGpWzjXNELe1XEgJT6-R7bpk3FBslLjvLUDOqP4AAVnp_ivPoE0SgmqbXI2O_DgDpEprb8o_YG0gLpYFkQKyo5mH0AaaCQa041d-7JUNCAxhFDcagSIDB3hODSLNgiABvZMFWT3uYFCs5sBHi59bMy_6lgoN0v8by_I2q5nYa5aT5K8bNaXo0OmP_iuIthAl673rxltS6oOLvcKudJNpkR344V9LoMm-quI5M4vxNxbGjUab_zqlpDrlbeKBiz-mAh8aW3iI25ZFP2Bmo_GWGXUa1hLWLfbAVHM2g6BfcNxada9UO1HmIIYuW7Kp-s1NBfc7L_13n7rjsz6XvKi7iB9KJkDjWT_OrB3UKwpCxoktnU7ORHDuFThAjf2CZzDq1gYyOPxWjqml3AUkhuKpxmWwA3pHT0DQo1aaHSiCbsueKgyxT5atS3VGDOGQKuX_x317dbETX9mrs_pTR7hZaCJRbo5_8ux9qsdxfK3LGxkdhS6KQ9h6_eEVuu8MUPDRftC997sKuHaUS76QWXDGMFgN9WnJn5nFgJ8Z9ehH0qEVLGmqz2ZxmsnTcao5I5JoT_zG26UD9alRK77QRnwzwGnz2UscKO06kNMPztlDZz16qMuSxakExt5jS7Q2Kj154v5pfVspLKSLwbGFjpsksI6qZwLMZy1TlGIaodD5y8R1s2iQcM5zWOhGXQ5p-lPFztA8VEyp_39nNnZtQJiqW-QEbUTUDJGPdzT0pvbXPJO17b0B19oOgCE84mjblhB3LEqdmsyKO9DB0dBVc2nGCZw5NHVPh0O6oIlJ7C8fdkxfaN6MonbrtfAXiM9qycBTzwlSciSTv36419bnRkvbxfLt3mC8A1b_aYnyRrKIVrSACmfiOstMyOSzKgw5XIdX__gVYpqY2sOI60dgvamcuyGkw0_7vTcF8Q7K_cbDYcNnV_Y1qMKCRoh83kGh48wJAxObcPIi8lzUrbf3w12AutWqd-_G5-VptgXtsq0EEFbyOxLFj6pC9BQe2JOhnw3ASxDWz5H0R3UY5vGXS0SwLmxbLu4ja2ilDE82KDds2YhVGgweumGmQMTMvPrk97lTdeIXnbCgUF4RiJXzdqIxwBttvE0mIV64MT6eY-T_falKZGAZgmF7KbSZ9av6m3cG0VPhHAFcLKfoPwn3tDnXgonDZzGAdFMW3nuLPGzM7r8r2_Urcdc8nf0-YmctJH_GS3TBGxWR6jLNQFY2Hm9-yQ0_ZcEq0A8k0sAn95Kk8GWYK-aWhS2GkMOxOO9KxfLyPBbc4cQQSEEjhw0NWzTssMaoPqFNxzdomowcOZ5B635MHguZng6laEfubK_jgI8Ou7IECJIo4VtjJQIb9S3eG-7VJgQb1xvHlIiIF_aQdrmxGRU7f3rst_nnxSIRtogfLcK55XsTvMxnq77OUMYbMID8s82XAJj03q20orAEwTIROUFDNl_a87RfC8JZkFeASf4IAWoqgsGrd5ql__f9ItxyCP6JSsHTrFzDcXxOkwPs8NlsOY21V3ht_jhSSiHS6FAffMlnKEBa0rjUIE1F63rbvE0GFONNT4SB_OkCk-Pnth0vOISDgKQ7o0QfTz-r-qMNTdPnBBQTqc78IXM&cid=CAASFeRoyDo-DFuRoBERLiVRaSDX_984Kg&rfl=1%2Chttps%253A%252F%252Fshavlik40.rssing.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cabbde8502a6598896a3c812c89ecd99ecfb3e9ca68f632c8c9b3f2a7f6e0046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8601
x-xss-protection
0
server
cafe
etag
18280575870105241958
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:55:28 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 56D3 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZjqZjoXz0slkfYxHNTvQXu9hxQnPV3gV-4rZrSmMHOqymWfQ01OEbghoyRP4cQ_VtAMsFdLFbi2384O1RDfzEkNKuv25T3HY9asWGCbzawu76dZux8guglW7CbI1-bDoiDvtJhEKptShmj3fAGKGba2IfjQ&dbm_d=AKAmf-DGFr0ZksiVPPEPPBlEIw3MBP9iTFDL6QAPHIZ4TWN8HbqlBFCD5-LmuHuslZOm9bJagHH61jgngBo1_kk8O2Hy4F2yLsrdItvyjgRaQ-1TvfQ1XnU_DIeLYssz0ukEFKU-wdkNyzYYusB_yvH2OMQN4XPGGSwaIlAUy5YdQLIXFwocoPOOoYfNXZfdKfO9vJZdznxR_u0jdjGGfshRwymYg3notQ5kfZ_6J5RXiRGq7ZnnuRG9e4UocVNcimFVeQCVID70ViuAm-v7OmtUJmfRhQ3saMVCZzKfZKwVN26LmE8xIyL26u4YbLtqABqhF-XOrQZ7Fs2efOskTGBjYbx52rF3DKJh2akHOSkGax5iNvfCxCye90_fTMe9mVPS5KnhIAG2FuQijoHh0bzEoQQVvkhimyH1HUuQWga17yjPeZNXgZPIQUugkzQy-Vo85jOvXLu_qOTM2eAaLXqnBiYnIT7TGYY_Efp9hs45-V3InaatsUOZxDQTezZtizfsDNU1gSgw6kTvYljLKrffT-RVGVdszKrkSDCVWRq-_MAAzztip7QyKIbfxrUGJR6ochitxgThJhHFJKHbvsSkLNcLL3TF-UcMyWKRGe941hJ1NUXqf5C7yPmYU9eU7AjPjzBbbF-_V5XLbW-EBpdryelEDX-OiKpjOt4HDjfZ_N3E-60QIxG7KJVbWBE7jpuWLxw0BZczWeEeHM4lwWJ9BXc8JRjAQqFALMEyv0qTdK4rrr9njvWi_9JH_0jEDMOKHWEdR5BgP91Aa0YRJXzTsTLnGIfFsf5oFsdpJm13cl7nyHnv7rRhobNYtPPpO5Kp7JmhlYchjj7_xMANsz4lrAi4H5stkHAnjWQsTJbrkm4xANS2AIVYktWxKvLvQaJDpf31x_IQjbbvdj0-7hH9gcvhAA4XkkxYI13f6_fSOB_vtsX2Vhm9GtHp3dejdm9PIfdqGsakWWSWFhr8QlowJxrjL7nXsYPDeLrHZXIYOoDGxHyS1WQ5hw0R2lDyDChsp4ksgOXePR48RMQ0kLFrcSrOe8MHXHKPVc1RASpu2-iOLTkm_IJ8F0bXBFCn8kpNbRnaewEqJSeu3xW05IZtciIhQAXuk2-cN_lOzyWgBzTNV_V4PgXB9IjwiDpmxru0GIchUoUC_ASIDchMQayll3f_nltGM8nmfXJiTvP4nBpJ6bvftglFm5ao9yXwr-6wk7Ex_CQmbd8_zA3VMynkrlbV_XIxV3Q2mILneo1eoS_j12hpCXWQH6osTUkrBKgaA_Cd7R3DnAUgSKbmU2vYoiZa1wA9Xq1U41mNyXVn7iVWPhGduxUAbej5P_9UnB79WmBYh9p13AZkIUuiXaeTn_SVPY3LTF1sV1lFnjgSvn897j06XAvBc0MORC9mNn3w_nAf8yMRLUJsy0m4dE63DkIVCgVj_X4knSYz2EqWn76NRCfMxKpB4rX34ng7x3xLMvre9Dqx7HU3FBqz3xna1BfEptfG8L2CKHeCGXYBPbk5gW52VKXsdeE9_J6Q9GXSolC7c0AiIcZN6QBDETI7zsw42BQeSFsoVUSp2hrJZRcEW2ngRo3VtVzbQy3v6ND6kX9gmu6RoY8ABZPQo8_UR7-byLVm9SiW-xQagcjNYb9hJKO0TZ2ZHDJ3lSSsnzCf1saDrwHDvrdEiSxROOcbO04cyvqj7IrWczVIiyEdeRDROEa8AQWlUsK9MBYfUW3A2876wxXtXKBQ2lUw12bBol-yiJ8PjjWnPssjBFxAvN6SUtkb3dFs9p73yrj4-OOZMtpd7R51An88lXbGRUJy-RSwq9lmzcMHMweAXCgSKvH6WoYXr1egBSA1bgAxGe0egCH6ofsDAy-teAfxPA6VbFnUKgY_OSmDhzh8CziJwQZHGcjpUF-hewAO32hYGdBkeoI51g3XsY-pzFT_8329KTTwaitcEuypuQiiEN3e_WPFCl33vBng1tQOqDWmt0AOESnxCTqBMcEaupv6fIYF9U2bHGur8-jrrdJD8ZZFAOJWYhkekBAbIaVLgNKaBgz4kWIJO34JaYhXtV3YyO4ydWrZhc1X-oQ2-j87QdUP_xqt0FNA_WWSz4ap_B4wr9XG9qSITzlxQ9ewsozf1LlAo4sgZ_UHcFX02UjziocCSI7aAA4ZB92G_SQ_iVJhu7u6cV-i-gFw4sUUv79iKVmbe90pUNJQLXLexIS6WHeSkThCxu6la9_8idfa2EU_LAnkSMohF6oV_vT06Jl9QWO3ruf9fC5XC3t_i4Rwj2RUnxNQq6RU5pceuKT1KsMhvP64y1fOXhypiL6skmCK3bDcvkqy_2dTp4YViInistOnd4LwKVe_vIO-zPhk4TjnHwYR0bti_8pf5PASP4v0aRqz7g5xYhZsFGTb-fg0InXfNtDYV6nmEObpvdljpLrD5DocsI0RlLRaF5qFCRg3rp6dd5-gZoFGKMXYCo-wd3K-fIw4WvtBGhwZxSFe1c6nasJ_36y9Pm2Qqj6iXaMMOgMnnjlwCtvcwK78nCS2nlWpNjbjZ9uScJUKSH-Ag05Nlv_TqjGjiU1X4dXvQTl8eZ_CZgnEInMZ5TjyvdAD2D8sEeCfY1D0wpc3PVmVxKDeMIPWDoRkcmkm4wrTbvnofR3KOqjvtV63Q-TtoEEZQsr4-KZo3oB-ZNTuzwEdOfb8otDNdYUcL2eARnLBiL9QvYCD5GyKeo_OzABwR-rQpoV3wHM2l5NrrM1-tC_H3breW4BuU1pqDsOVsx66igZxKyaV6nf77w6cw4tgh2ik8Jujv49hiLWeXvDB6RLKLyBR1-b57y3479HgBq7-bAc6ype281cENiiNr_MJZ5o6YL4-PHPeysWoeyFm2xkkfHZWSfxYy8DIuubFpdEm5lsjIFCUlLCFrIF1lewp1Wq2Lw9VljihWHjuul_D8rTeKS2jz8cbHsPKwwzfI97c3z8ibRoe2hDKDkqYmT16BcMSYAx0MZNgZNYYF9YiD7bxFdjvnKqqnfA0MVaVEYiGmOko3BhXb_gON9sM_ceRHRaLJuS9hLCWFIo65R5sHjU-1xUwbkKpgPbeQ5GVJyBhv2W5itPxU2Mx4XNN7uEE2ruM7Dn0BK_dcic__gamn5mGxj2GFB6Ky50yYVeh4e3Mw9shbsGWDD9zWJY7rEOFVF9f1hriPXjHgMNARTfdL-cSdIr8IJDVhBweCImre5K5_0z17JxPTTKInk-5OodMElLx1OeR0H9vk3mQBgkRDm_O05HaYZGkFoSbFKc8Iz5_sztQbnPVAxj9cLGMAw&cid=CAASFeRovtd4MmZP7fG_uMb0uBSW8pTXfA&rfl=1%2Chttps%253A%252F%252Fshavlik40.rssing.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cabbde8502a6598896a3c812c89ecd99ecfb3e9ca68f632c8c9b3f2a7f6e0046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8601
x-xss-protection
0
server
cafe
etag
18280575870105241958
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:55:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 56D3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZjqZjoXz0slkfYxHNTvQXu9hxQnPV3gV-4rZrSmMHOqymWfQ01OEbghoyRP4cQ_VtAMsFdLFbi2384O1RDfzEkNKuv25T3HY9asWGCbzawu76dZux8guglW7CbI1-bDoiDvtJhEKptShmj3fAGKGba2IfjQ&dbm_d=AKAmf-DGFr0ZksiVPPEPPBlEIw3MBP9iTFDL6QAPHIZ4TWN8HbqlBFCD5-LmuHuslZOm9bJagHH61jgngBo1_kk8O2Hy4F2yLsrdItvyjgRaQ-1TvfQ1XnU_DIeLYssz0ukEFKU-wdkNyzYYusB_yvH2OMQN4XPGGSwaIlAUy5YdQLIXFwocoPOOoYfNXZfdKfO9vJZdznxR_u0jdjGGfshRwymYg3notQ5kfZ_6J5RXiRGq7ZnnuRG9e4UocVNcimFVeQCVID70ViuAm-v7OmtUJmfRhQ3saMVCZzKfZKwVN26LmE8xIyL26u4YbLtqABqhF-XOrQZ7Fs2efOskTGBjYbx52rF3DKJh2akHOSkGax5iNvfCxCye90_fTMe9mVPS5KnhIAG2FuQijoHh0bzEoQQVvkhimyH1HUuQWga17yjPeZNXgZPIQUugkzQy-Vo85jOvXLu_qOTM2eAaLXqnBiYnIT7TGYY_Efp9hs45-V3InaatsUOZxDQTezZtizfsDNU1gSgw6kTvYljLKrffT-RVGVdszKrkSDCVWRq-_MAAzztip7QyKIbfxrUGJR6ochitxgThJhHFJKHbvsSkLNcLL3TF-UcMyWKRGe941hJ1NUXqf5C7yPmYU9eU7AjPjzBbbF-_V5XLbW-EBpdryelEDX-OiKpjOt4HDjfZ_N3E-60QIxG7KJVbWBE7jpuWLxw0BZczWeEeHM4lwWJ9BXc8JRjAQqFALMEyv0qTdK4rrr9njvWi_9JH_0jEDMOKHWEdR5BgP91Aa0YRJXzTsTLnGIfFsf5oFsdpJm13cl7nyHnv7rRhobNYtPPpO5Kp7JmhlYchjj7_xMANsz4lrAi4H5stkHAnjWQsTJbrkm4xANS2AIVYktWxKvLvQaJDpf31x_IQjbbvdj0-7hH9gcvhAA4XkkxYI13f6_fSOB_vtsX2Vhm9GtHp3dejdm9PIfdqGsakWWSWFhr8QlowJxrjL7nXsYPDeLrHZXIYOoDGxHyS1WQ5hw0R2lDyDChsp4ksgOXePR48RMQ0kLFrcSrOe8MHXHKPVc1RASpu2-iOLTkm_IJ8F0bXBFCn8kpNbRnaewEqJSeu3xW05IZtciIhQAXuk2-cN_lOzyWgBzTNV_V4PgXB9IjwiDpmxru0GIchUoUC_ASIDchMQayll3f_nltGM8nmfXJiTvP4nBpJ6bvftglFm5ao9yXwr-6wk7Ex_CQmbd8_zA3VMynkrlbV_XIxV3Q2mILneo1eoS_j12hpCXWQH6osTUkrBKgaA_Cd7R3DnAUgSKbmU2vYoiZa1wA9Xq1U41mNyXVn7iVWPhGduxUAbej5P_9UnB79WmBYh9p13AZkIUuiXaeTn_SVPY3LTF1sV1lFnjgSvn897j06XAvBc0MORC9mNn3w_nAf8yMRLUJsy0m4dE63DkIVCgVj_X4knSYz2EqWn76NRCfMxKpB4rX34ng7x3xLMvre9Dqx7HU3FBqz3xna1BfEptfG8L2CKHeCGXYBPbk5gW52VKXsdeE9_J6Q9GXSolC7c0AiIcZN6QBDETI7zsw42BQeSFsoVUSp2hrJZRcEW2ngRo3VtVzbQy3v6ND6kX9gmu6RoY8ABZPQo8_UR7-byLVm9SiW-xQagcjNYb9hJKO0TZ2ZHDJ3lSSsnzCf1saDrwHDvrdEiSxROOcbO04cyvqj7IrWczVIiyEdeRDROEa8AQWlUsK9MBYfUW3A2876wxXtXKBQ2lUw12bBol-yiJ8PjjWnPssjBFxAvN6SUtkb3dFs9p73yrj4-OOZMtpd7R51An88lXbGRUJy-RSwq9lmzcMHMweAXCgSKvH6WoYXr1egBSA1bgAxGe0egCH6ofsDAy-teAfxPA6VbFnUKgY_OSmDhzh8CziJwQZHGcjpUF-hewAO32hYGdBkeoI51g3XsY-pzFT_8329KTTwaitcEuypuQiiEN3e_WPFCl33vBng1tQOqDWmt0AOESnxCTqBMcEaupv6fIYF9U2bHGur8-jrrdJD8ZZFAOJWYhkekBAbIaVLgNKaBgz4kWIJO34JaYhXtV3YyO4ydWrZhc1X-oQ2-j87QdUP_xqt0FNA_WWSz4ap_B4wr9XG9qSITzlxQ9ewsozf1LlAo4sgZ_UHcFX02UjziocCSI7aAA4ZB92G_SQ_iVJhu7u6cV-i-gFw4sUUv79iKVmbe90pUNJQLXLexIS6WHeSkThCxu6la9_8idfa2EU_LAnkSMohF6oV_vT06Jl9QWO3ruf9fC5XC3t_i4Rwj2RUnxNQq6RU5pceuKT1KsMhvP64y1fOXhypiL6skmCK3bDcvkqy_2dTp4YViInistOnd4LwKVe_vIO-zPhk4TjnHwYR0bti_8pf5PASP4v0aRqz7g5xYhZsFGTb-fg0InXfNtDYV6nmEObpvdljpLrD5DocsI0RlLRaF5qFCRg3rp6dd5-gZoFGKMXYCo-wd3K-fIw4WvtBGhwZxSFe1c6nasJ_36y9Pm2Qqj6iXaMMOgMnnjlwCtvcwK78nCS2nlWpNjbjZ9uScJUKSH-Ag05Nlv_TqjGjiU1X4dXvQTl8eZ_CZgnEInMZ5TjyvdAD2D8sEeCfY1D0wpc3PVmVxKDeMIPWDoRkcmkm4wrTbvnofR3KOqjvtV63Q-TtoEEZQsr4-KZo3oB-ZNTuzwEdOfb8otDNdYUcL2eARnLBiL9QvYCD5GyKeo_OzABwR-rQpoV3wHM2l5NrrM1-tC_H3breW4BuU1pqDsOVsx66igZxKyaV6nf77w6cw4tgh2ik8Jujv49hiLWeXvDB6RLKLyBR1-b57y3479HgBq7-bAc6ype281cENiiNr_MJZ5o6YL4-PHPeysWoeyFm2xkkfHZWSfxYy8DIuubFpdEm5lsjIFCUlLCFrIF1lewp1Wq2Lw9VljihWHjuul_D8rTeKS2jz8cbHsPKwwzfI97c3z8ibRoe2hDKDkqYmT16BcMSYAx0MZNgZNYYF9YiD7bxFdjvnKqqnfA0MVaVEYiGmOko3BhXb_gON9sM_ceRHRaLJuS9hLCWFIo65R5sHjU-1xUwbkKpgPbeQ5GVJyBhv2W5itPxU2Mx4XNN7uEE2ruM7Dn0BK_dcic__gamn5mGxj2GFB6Ky50yYVeh4e3Mw9shbsGWDD9zWJY7rEOFVF9f1hriPXjHgMNARTfdL-cSdIr8IJDVhBweCImre5K5_0z17JxPTTKInk-5OodMElLx1OeR0H9vk3mQBgkRDm_O05HaYZGkFoSbFKc8Iz5_sztQbnPVAxj9cLGMAw&cid=CAASFeRovtd4MmZP7fG_uMb0uBSW8pTXfA&rfl=1%2Chttps%253A%252F%252Fshavlik40.rssing.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 10:51:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 56D3 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstsQy_uv34tmLHrascHhv_pi8SueNz-KzVRzAVxoPzUPe1pf1vq8mVco50TXU5LApczcCbLgJT4JxfPyK1_4tZ39zMrm9hmlRR8X9kQMsq7BwywhQr5YNZzxer8ULdd0sf2B5iMIRcPcTBCxKRB9bRteMspw1_k3XNSt27W5534IBCf6hheCdnKViqSoZMuBJBJbTLHGgMQrcUVqfuAG04UtrY_75TLvhcuosi_4RGEgJQIP7jD3gGZbThkACUGowZ1oVDOuL7xEcI79afM3d8VV9aBv8wKSO5lR4XDCWYcIu3kG0_FHHnKj9eUsa2P0DcySltjfaRuraMgN4H4k_33psgBZlbsp4am3y3hQomBW_aSgnD6RGl_bjZKxHJJgSbcb8LoiqO_idjtuE0wBtHT18hJR7Bx-U1P3jAU7Ziq18gQi-U_GA7q0zEr_Wh6P5Klgpbd0xPsv_ZnZnSxLaAMN7waV-iXHfGvj0THUJKHo40NzzJzoCqwJ0yaujtTQZH-LnjfMXCtmI2rZQjBqv48apG0mK142fwA3cuN6P-sB2RnMQmBNxz4B3TYBSzwgM3AAaaR72cWOrfWHDXproeO035r6NBSuc-O--U3Ey4afl1KqekyQMD6A5m3BBOFVBEGJ5L1Qb7slz8387F5U75JfqQIsy0w3HjrX0ueON9P1jH-v4xyfBTvsHvM7WaoxgV5yqKCA53vw2Zt3rueZ3s0W1Ft0_q_vc6ADAsr457ZTPpeo3c289AAf2CZu7MQ2FyOq_lIjUE6n10o4PVHENblRG08YLB1z4e-xITlQCe5E_SaY-WcW3mzfAbnYn4HdYFC9AujpdpGxbauooa-OV1i-ChkmSfZBaj2vPT1CStv2pc5i4PQ1u4UKsVP0HmXP-m88ESd6enI1jG5qp9lg_gKYpjDYkqQmO2O7p2vlQopIbLsD9Ev6zKq_Plqmzx9po-aMeRD0qoNPepmpXr9ShWtTG_IvIOBj-KTszPBBkTnHbGR6fFvKz88788hDNfDrpm5BZrZ2D_ZpcmkDKA3T_5e-zNNSXo8dyUo69sblswXuqNCgJigRDLQQAKIPLK4kEpwrN8k-1BI7aHXu3kN72Ph8n4HH9q1Kb2Npefb6VWjBD_pOYBjWhv3N_upbM2fawQWjFzGJox129BL2J-DC_1tYvrp_EFJwLkCt96wLaqzYJV32nscR8C9NkxYCQ_omBivjeixQTlok6VC7bGhKG4KwU2-Va_DYCrAqFYJUYjn&sai=AMfl-YQFeAav11Gmzpb6poY9vlr1oBJM3KGkT1YAvc_BqF9VLbIeJlGfLKwm4wm5cIc7iznoOaIKzU3x1GBue2JTVuPnnLNnY4QbfpO51ClMlQ7sVrdW1pUMKa_yi9dCvDSbGwcu-AJQ_dZS9kSP3FzUyMt5NKgTHUFbjZtYB-4&sig=Cg0ArKJSzENjPvxHBNNjEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.79578&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZjqZjoXz0slkfYxHNTvQXu9hxQnPV3gV-4rZrSmMHOqymWfQ01OEbghoyRP4cQ_VtAMsFdLFbi2384O1RDfzEkNKuv25T3HY9asWGCbzawu76dZux8guglW7CbI1-bDoiDvtJhEKptShmj3fAGKGba2IfjQ&dbm_d=AKAmf-DGFr0ZksiVPPEPPBlEIw3MBP9iTFDL6QAPHIZ4TWN8HbqlBFCD5-LmuHuslZOm9bJagHH61jgngBo1_kk8O2Hy4F2yLsrdItvyjgRaQ-1TvfQ1XnU_DIeLYssz0ukEFKU-wdkNyzYYusB_yvH2OMQN4XPGGSwaIlAUy5YdQLIXFwocoPOOoYfNXZfdKfO9vJZdznxR_u0jdjGGfshRwymYg3notQ5kfZ_6J5RXiRGq7ZnnuRG9e4UocVNcimFVeQCVID70ViuAm-v7OmtUJmfRhQ3saMVCZzKfZKwVN26LmE8xIyL26u4YbLtqABqhF-XOrQZ7Fs2efOskTGBjYbx52rF3DKJh2akHOSkGax5iNvfCxCye90_fTMe9mVPS5KnhIAG2FuQijoHh0bzEoQQVvkhimyH1HUuQWga17yjPeZNXgZPIQUugkzQy-Vo85jOvXLu_qOTM2eAaLXqnBiYnIT7TGYY_Efp9hs45-V3InaatsUOZxDQTezZtizfsDNU1gSgw6kTvYljLKrffT-RVGVdszKrkSDCVWRq-_MAAzztip7QyKIbfxrUGJR6ochitxgThJhHFJKHbvsSkLNcLL3TF-UcMyWKRGe941hJ1NUXqf5C7yPmYU9eU7AjPjzBbbF-_V5XLbW-EBpdryelEDX-OiKpjOt4HDjfZ_N3E-60QIxG7KJVbWBE7jpuWLxw0BZczWeEeHM4lwWJ9BXc8JRjAQqFALMEyv0qTdK4rrr9njvWi_9JH_0jEDMOKHWEdR5BgP91Aa0YRJXzTsTLnGIfFsf5oFsdpJm13cl7nyHnv7rRhobNYtPPpO5Kp7JmhlYchjj7_xMANsz4lrAi4H5stkHAnjWQsTJbrkm4xANS2AIVYktWxKvLvQaJDpf31x_IQjbbvdj0-7hH9gcvhAA4XkkxYI13f6_fSOB_vtsX2Vhm9GtHp3dejdm9PIfdqGsakWWSWFhr8QlowJxrjL7nXsYPDeLrHZXIYOoDGxHyS1WQ5hw0R2lDyDChsp4ksgOXePR48RMQ0kLFrcSrOe8MHXHKPVc1RASpu2-iOLTkm_IJ8F0bXBFCn8kpNbRnaewEqJSeu3xW05IZtciIhQAXuk2-cN_lOzyWgBzTNV_V4PgXB9IjwiDpmxru0GIchUoUC_ASIDchMQayll3f_nltGM8nmfXJiTvP4nBpJ6bvftglFm5ao9yXwr-6wk7Ex_CQmbd8_zA3VMynkrlbV_XIxV3Q2mILneo1eoS_j12hpCXWQH6osTUkrBKgaA_Cd7R3DnAUgSKbmU2vYoiZa1wA9Xq1U41mNyXVn7iVWPhGduxUAbej5P_9UnB79WmBYh9p13AZkIUuiXaeTn_SVPY3LTF1sV1lFnjgSvn897j06XAvBc0MORC9mNn3w_nAf8yMRLUJsy0m4dE63DkIVCgVj_X4knSYz2EqWn76NRCfMxKpB4rX34ng7x3xLMvre9Dqx7HU3FBqz3xna1BfEptfG8L2CKHeCGXYBPbk5gW52VKXsdeE9_J6Q9GXSolC7c0AiIcZN6QBDETI7zsw42BQeSFsoVUSp2hrJZRcEW2ngRo3VtVzbQy3v6ND6kX9gmu6RoY8ABZPQo8_UR7-byLVm9SiW-xQagcjNYb9hJKO0TZ2ZHDJ3lSSsnzCf1saDrwHDvrdEiSxROOcbO04cyvqj7IrWczVIiyEdeRDROEa8AQWlUsK9MBYfUW3A2876wxXtXKBQ2lUw12bBol-yiJ8PjjWnPssjBFxAvN6SUtkb3dFs9p73yrj4-OOZMtpd7R51An88lXbGRUJy-RSwq9lmzcMHMweAXCgSKvH6WoYXr1egBSA1bgAxGe0egCH6ofsDAy-teAfxPA6VbFnUKgY_OSmDhzh8CziJwQZHGcjpUF-hewAO32hYGdBkeoI51g3XsY-pzFT_8329KTTwaitcEuypuQiiEN3e_WPFCl33vBng1tQOqDWmt0AOESnxCTqBMcEaupv6fIYF9U2bHGur8-jrrdJD8ZZFAOJWYhkekBAbIaVLgNKaBgz4kWIJO34JaYhXtV3YyO4ydWrZhc1X-oQ2-j87QdUP_xqt0FNA_WWSz4ap_B4wr9XG9qSITzlxQ9ewsozf1LlAo4sgZ_UHcFX02UjziocCSI7aAA4ZB92G_SQ_iVJhu7u6cV-i-gFw4sUUv79iKVmbe90pUNJQLXLexIS6WHeSkThCxu6la9_8idfa2EU_LAnkSMohF6oV_vT06Jl9QWO3ruf9fC5XC3t_i4Rwj2RUnxNQq6RU5pceuKT1KsMhvP64y1fOXhypiL6skmCK3bDcvkqy_2dTp4YViInistOnd4LwKVe_vIO-zPhk4TjnHwYR0bti_8pf5PASP4v0aRqz7g5xYhZsFGTb-fg0InXfNtDYV6nmEObpvdljpLrD5DocsI0RlLRaF5qFCRg3rp6dd5-gZoFGKMXYCo-wd3K-fIw4WvtBGhwZxSFe1c6nasJ_36y9Pm2Qqj6iXaMMOgMnnjlwCtvcwK78nCS2nlWpNjbjZ9uScJUKSH-Ag05Nlv_TqjGjiU1X4dXvQTl8eZ_CZgnEInMZ5TjyvdAD2D8sEeCfY1D0wpc3PVmVxKDeMIPWDoRkcmkm4wrTbvnofR3KOqjvtV63Q-TtoEEZQsr4-KZo3oB-ZNTuzwEdOfb8otDNdYUcL2eARnLBiL9QvYCD5GyKeo_OzABwR-rQpoV3wHM2l5NrrM1-tC_H3breW4BuU1pqDsOVsx66igZxKyaV6nf77w6cw4tgh2ik8Jujv49hiLWeXvDB6RLKLyBR1-b57y3479HgBq7-bAc6ype281cENiiNr_MJZ5o6YL4-PHPeysWoeyFm2xkkfHZWSfxYy8DIuubFpdEm5lsjIFCUlLCFrIF1lewp1Wq2Lw9VljihWHjuul_D8rTeKS2jz8cbHsPKwwzfI97c3z8ibRoe2hDKDkqYmT16BcMSYAx0MZNgZNYYF9YiD7bxFdjvnKqqnfA0MVaVEYiGmOko3BhXb_gON9sM_ceRHRaLJuS9hLCWFIo65R5sHjU-1xUwbkKpgPbeQ5GVJyBhv2W5itPxU2Mx4XNN7uEE2ruM7Dn0BK_dcic__gamn5mGxj2GFB6Ky50yYVeh4e3Mw9shbsGWDD9zWJY7rEOFVF9f1hriPXjHgMNARTfdL-cSdIr8IJDVhBweCImre5K5_0z17JxPTTKInk-5OodMElLx1OeR0H9vk3mQBgkRDm_O05HaYZGkFoSbFKc8Iz5_sztQbnPVAxj9cLGMAw&cid=CAASFeRovtd4MmZP7fG_uMb0uBSW8pTXfA&rfl=1%2Chttps%253A%252F%252Fshavlik40.rssing.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 11 Jun 2021 10:58:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 56D3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZjqZjoXz0slkfYxHNTvQXu9hxQnPV3gV-4rZrSmMHOqymWfQ01OEbghoyRP4cQ_VtAMsFdLFbi2384O1RDfzEkNKuv25T3HY9asWGCbzawu76dZux8guglW7CbI1-bDoiDvtJhEKptShmj3fAGKGba2IfjQ&dbm_d=AKAmf-DGFr0ZksiVPPEPPBlEIw3MBP9iTFDL6QAPHIZ4TWN8HbqlBFCD5-LmuHuslZOm9bJagHH61jgngBo1_kk8O2Hy4F2yLsrdItvyjgRaQ-1TvfQ1XnU_DIeLYssz0ukEFKU-wdkNyzYYusB_yvH2OMQN4XPGGSwaIlAUy5YdQLIXFwocoPOOoYfNXZfdKfO9vJZdznxR_u0jdjGGfshRwymYg3notQ5kfZ_6J5RXiRGq7ZnnuRG9e4UocVNcimFVeQCVID70ViuAm-v7OmtUJmfRhQ3saMVCZzKfZKwVN26LmE8xIyL26u4YbLtqABqhF-XOrQZ7Fs2efOskTGBjYbx52rF3DKJh2akHOSkGax5iNvfCxCye90_fTMe9mVPS5KnhIAG2FuQijoHh0bzEoQQVvkhimyH1HUuQWga17yjPeZNXgZPIQUugkzQy-Vo85jOvXLu_qOTM2eAaLXqnBiYnIT7TGYY_Efp9hs45-V3InaatsUOZxDQTezZtizfsDNU1gSgw6kTvYljLKrffT-RVGVdszKrkSDCVWRq-_MAAzztip7QyKIbfxrUGJR6ochitxgThJhHFJKHbvsSkLNcLL3TF-UcMyWKRGe941hJ1NUXqf5C7yPmYU9eU7AjPjzBbbF-_V5XLbW-EBpdryelEDX-OiKpjOt4HDjfZ_N3E-60QIxG7KJVbWBE7jpuWLxw0BZczWeEeHM4lwWJ9BXc8JRjAQqFALMEyv0qTdK4rrr9njvWi_9JH_0jEDMOKHWEdR5BgP91Aa0YRJXzTsTLnGIfFsf5oFsdpJm13cl7nyHnv7rRhobNYtPPpO5Kp7JmhlYchjj7_xMANsz4lrAi4H5stkHAnjWQsTJbrkm4xANS2AIVYktWxKvLvQaJDpf31x_IQjbbvdj0-7hH9gcvhAA4XkkxYI13f6_fSOB_vtsX2Vhm9GtHp3dejdm9PIfdqGsakWWSWFhr8QlowJxrjL7nXsYPDeLrHZXIYOoDGxHyS1WQ5hw0R2lDyDChsp4ksgOXePR48RMQ0kLFrcSrOe8MHXHKPVc1RASpu2-iOLTkm_IJ8F0bXBFCn8kpNbRnaewEqJSeu3xW05IZtciIhQAXuk2-cN_lOzyWgBzTNV_V4PgXB9IjwiDpmxru0GIchUoUC_ASIDchMQayll3f_nltGM8nmfXJiTvP4nBpJ6bvftglFm5ao9yXwr-6wk7Ex_CQmbd8_zA3VMynkrlbV_XIxV3Q2mILneo1eoS_j12hpCXWQH6osTUkrBKgaA_Cd7R3DnAUgSKbmU2vYoiZa1wA9Xq1U41mNyXVn7iVWPhGduxUAbej5P_9UnB79WmBYh9p13AZkIUuiXaeTn_SVPY3LTF1sV1lFnjgSvn897j06XAvBc0MORC9mNn3w_nAf8yMRLUJsy0m4dE63DkIVCgVj_X4knSYz2EqWn76NRCfMxKpB4rX34ng7x3xLMvre9Dqx7HU3FBqz3xna1BfEptfG8L2CKHeCGXYBPbk5gW52VKXsdeE9_J6Q9GXSolC7c0AiIcZN6QBDETI7zsw42BQeSFsoVUSp2hrJZRcEW2ngRo3VtVzbQy3v6ND6kX9gmu6RoY8ABZPQo8_UR7-byLVm9SiW-xQagcjNYb9hJKO0TZ2ZHDJ3lSSsnzCf1saDrwHDvrdEiSxROOcbO04cyvqj7IrWczVIiyEdeRDROEa8AQWlUsK9MBYfUW3A2876wxXtXKBQ2lUw12bBol-yiJ8PjjWnPssjBFxAvN6SUtkb3dFs9p73yrj4-OOZMtpd7R51An88lXbGRUJy-RSwq9lmzcMHMweAXCgSKvH6WoYXr1egBSA1bgAxGe0egCH6ofsDAy-teAfxPA6VbFnUKgY_OSmDhzh8CziJwQZHGcjpUF-hewAO32hYGdBkeoI51g3XsY-pzFT_8329KTTwaitcEuypuQiiEN3e_WPFCl33vBng1tQOqDWmt0AOESnxCTqBMcEaupv6fIYF9U2bHGur8-jrrdJD8ZZFAOJWYhkekBAbIaVLgNKaBgz4kWIJO34JaYhXtV3YyO4ydWrZhc1X-oQ2-j87QdUP_xqt0FNA_WWSz4ap_B4wr9XG9qSITzlxQ9ewsozf1LlAo4sgZ_UHcFX02UjziocCSI7aAA4ZB92G_SQ_iVJhu7u6cV-i-gFw4sUUv79iKVmbe90pUNJQLXLexIS6WHeSkThCxu6la9_8idfa2EU_LAnkSMohF6oV_vT06Jl9QWO3ruf9fC5XC3t_i4Rwj2RUnxNQq6RU5pceuKT1KsMhvP64y1fOXhypiL6skmCK3bDcvkqy_2dTp4YViInistOnd4LwKVe_vIO-zPhk4TjnHwYR0bti_8pf5PASP4v0aRqz7g5xYhZsFGTb-fg0InXfNtDYV6nmEObpvdljpLrD5DocsI0RlLRaF5qFCRg3rp6dd5-gZoFGKMXYCo-wd3K-fIw4WvtBGhwZxSFe1c6nasJ_36y9Pm2Qqj6iXaMMOgMnnjlwCtvcwK78nCS2nlWpNjbjZ9uScJUKSH-Ag05Nlv_TqjGjiU1X4dXvQTl8eZ_CZgnEInMZ5TjyvdAD2D8sEeCfY1D0wpc3PVmVxKDeMIPWDoRkcmkm4wrTbvnofR3KOqjvtV63Q-TtoEEZQsr4-KZo3oB-ZNTuzwEdOfb8otDNdYUcL2eARnLBiL9QvYCD5GyKeo_OzABwR-rQpoV3wHM2l5NrrM1-tC_H3breW4BuU1pqDsOVsx66igZxKyaV6nf77w6cw4tgh2ik8Jujv49hiLWeXvDB6RLKLyBR1-b57y3479HgBq7-bAc6ype281cENiiNr_MJZ5o6YL4-PHPeysWoeyFm2xkkfHZWSfxYy8DIuubFpdEm5lsjIFCUlLCFrIF1lewp1Wq2Lw9VljihWHjuul_D8rTeKS2jz8cbHsPKwwzfI97c3z8ibRoe2hDKDkqYmT16BcMSYAx0MZNgZNYYF9YiD7bxFdjvnKqqnfA0MVaVEYiGmOko3BhXb_gON9sM_ceRHRaLJuS9hLCWFIo65R5sHjU-1xUwbkKpgPbeQ5GVJyBhv2W5itPxU2Mx4XNN7uEE2ruM7Dn0BK_dcic__gamn5mGxj2GFB6Ky50yYVeh4e3Mw9shbsGWDD9zWJY7rEOFVF9f1hriPXjHgMNARTfdL-cSdIr8IJDVhBweCImre5K5_0z17JxPTTKInk-5OodMElLx1OeR0H9vk3mQBgkRDm_O05HaYZGkFoSbFKc8Iz5_sztQbnPVAxj9cLGMAw&cid=CAASFeRovtd4MmZP7fG_uMb0uBSW8pTXfA&rfl=1%2Chttps%253A%252F%252Fshavlik40.rssing.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 08:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8378
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jun 2022 08:38:29 GMT
DE_On_M2_GDN_300x600.png
s0.2mdn.net/9504762/ Frame 56D3 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9504762/DE_On_M2_GDN_300x600.png
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d69299c112491865f0ef50e13095857800b0a5277fb5f523e5cd9e95e679f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 16:49:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 06 Nov 2020 16:14:49 GMT
server
sffe
age
65339
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35878
x-xss-protection
0
expires
Fri, 11 Jun 2021 16:49:08 GMT
truncated
/ Frame A3DF 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd4adb719e4d405010452439e4c8742129a77db1c12ae1e06a0fe1a2f9590233

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 862F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK0CELqMgMoCGOvd_KQBMAE&v=APEucNVsfVpMQd3YWmo6REkz-WQKoN88q9Z9uWOf97GMY5N-OKFyXLiuVkJr0yFgWOUwDBZMl51GU5Ej5bMfbqFnirCYPfIkM4Gsvv9-MCXPShFfr6lcfWdghMMFurqAD_Jt0wqSraTkRAMy6weSpujrzTCxjgujT7tUwlvdyWZTZ2EYrp_qeNU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:07 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 862F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMNBv.2XmrGtM5QtPEJqPQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK0CELqMgMoCGOvd_KQBMAE&v=APEucNVsfVpMQd3YWmo6REkz-WQKoN88q9Z9uWOf97GMY5N-OKFyXLiuVkJr0yFgWOUwDBZMl51GU5Ej5bMfbqFnirCYPfIkM4Gsvv9-MCXPShFfr6lcfWdghMMFurqAD_Jt0wqSraTkRAMy6weSpujrzTCxjgujT7tUwlvdyWZTZ2EYrp_qeNU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:07 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
324
Expires
Fri, 11 Jun 2021 10:58:07 GMT
setuid
ib.adnxs.com/ Frame 862F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK0CELqMgMoCGOvd_KQBMAE&v=APEucNVsfVpMQd3YWmo6REkz-WQKoN88q9Z9uWOf97GMY5N-OKFyXLiuVkJr0yFgWOUwDBZMl51GU5Ej5bMfbqFnirCYPfIkM4Gsvv9-MCXPShFfr6lcfWdghMMFurqAD_Jt0wqSraTkRAMy6weSpujrzTCxjgujT7tUwlvdyWZTZ2EYrp_qeNU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.43:80
AN-X-Request-Uuid
fe94a7a1-3c69-4f4e-ae85-a7350586d79d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 862F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK0CELqMgMoCGOvd_KQBMAE&v=APEucNVsfVpMQd3YWmo6REkz-WQKoN88q9Z9uWOf97GMY5N-OKFyXLiuVkJr0yFgWOUwDBZMl51GU5Ej5bMfbqFnirCYPfIkM4Gsvv9-MCXPShFfr6lcfWdghMMFurqAD_Jt0wqSraTkRAMy6weSpujrzTCxjgujT7tUwlvdyWZTZ2EYrp_qeNU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.149:80
AN-X-Request-Uuid
3c28c799-6831-43dd-a88f-874c41fd44e3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D5E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkuCEGzAB&v=APEucNXMMYi5-csjZRpGpKASkZkECFS1yF0aklvjSCqN5SdmxxbjK8Kf58aqeluNiRm9jzNDNDyZAoix0pkW9lL8UAL1hm5g5RtK-IGBpWD0lY1E_BJ62nMSnOg1lYG5GBCTmEy1Dw5rYFdEMZtjiRVmGk9HlSQ34BRfuT0J1NCagMOjmDO3PjE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:07 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D5E3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMNBv.2XmrGtM5QtPEJqPQAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YMNBv.2XmrGtM5QtPEJqPQAA&google_tc=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBCZLWx4ASzUoyvUUYupHq8&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBCZLWx4ASzUoyvUUYupHq8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkuCEGzAB&v=APEucNXMMYi5-csjZRpGpKASkZkECFS1yF0aklvjSCqN5SdmxxbjK8Kf58aqeluNiRm9jzNDNDyZAoix0pkW9lL8UAL1hm5g5RtK-IGBpWD0lY1E_BJ62nMSnOg1lYG5GBCTmEy1Dw5rYFdEMZtjiRVmGk9HlSQ34BRfuT0J1NCagMOjmDO3PjE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:07 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBCZLWx4ASzUoyvUUYupHq8&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D5E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkuCEGzAB&v=APEucNXMMYi5-csjZRpGpKASkZkECFS1yF0aklvjSCqN5SdmxxbjK8Kf58aqeluNiRm9jzNDNDyZAoix0pkW9lL8UAL1hm5g5RtK-IGBpWD0lY1E_BJ62nMSnOg1lYG5GBCTmEy1Dw5rYFdEMZtjiRVmGk9HlSQ34BRfuT0J1NCagMOjmDO3PjE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.41:80
AN-X-Request-Uuid
dc23548a-b82c-4956-b52f-bd18b2a74748
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D5E3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkuCEGzAB&v=APEucNXMMYi5-csjZRpGpKASkZkECFS1yF0aklvjSCqN5SdmxxbjK8Kf58aqeluNiRm9jzNDNDyZAoix0pkW9lL8UAL1hm5g5RtK-IGBpWD0lY1E_BJ62nMSnOg1lYG5GBCTmEy1Dw5rYFdEMZtjiRVmGk9HlSQ34BRfuT0J1NCagMOjmDO3PjE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.89:80
AN-X-Request-Uuid
417a2fb4-a3d1-4c76-983c-31b44b9dbe2c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FAE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CID39wIQ2PSumQIY68bjqAEwAQ&v=APEucNWm6yoMIve7bXTPt3cMkJOY1B9hZLrD8PpdJwVpo1e_RbySNB3GC2LDazO_pR4nTWO4Fs-Kd_UcnMxa746EftLcR3u-AGM_Ke3vh-QZYnf7bwucOr01-DLtWfx4M792HCQoYmvmqsxrb-nLHTFWIM5DPevluav8EPXOcuiID4v8xPOFGPk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:07 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FAE1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMNBv.2XmrGtM5QtPEJqPQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CID39wIQ2PSumQIY68bjqAEwAQ&v=APEucNWm6yoMIve7bXTPt3cMkJOY1B9hZLrD8PpdJwVpo1e_RbySNB3GC2LDazO_pR4nTWO4Fs-Kd_UcnMxa746EftLcR3u-AGM_Ke3vh-QZYnf7bwucOr01-DLtWfx4M792HCQoYmvmqsxrb-nLHTFWIM5DPevluav8EPXOcuiID4v8xPOFGPk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:08 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
324
Expires
Fri, 11 Jun 2021 10:58:07 GMT
setuid
ib.adnxs.com/ Frame FAE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CID39wIQ2PSumQIY68bjqAEwAQ&v=APEucNWm6yoMIve7bXTPt3cMkJOY1B9hZLrD8PpdJwVpo1e_RbySNB3GC2LDazO_pR4nTWO4Fs-Kd_UcnMxa746EftLcR3u-AGM_Ke3vh-QZYnf7bwucOr01-DLtWfx4M792HCQoYmvmqsxrb-nLHTFWIM5DPevluav8EPXOcuiID4v8xPOFGPk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.30:80
AN-X-Request-Uuid
8b76b608-e356-422a-bcdf-0588be592a15
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FAE1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxMzM4NjE4NzA2ODgzMDIyMA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxMzM4NjE4NzA2ODgzMDIyMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CID39wIQ2PSumQIY68bjqAEwAQ&v=APEucNWm6yoMIve7bXTPt3cMkJOY1B9hZLrD8PpdJwVpo1e_RbySNB3GC2LDazO_pR4nTWO4Fs-Kd_UcnMxa746EftLcR3u-AGM_Ke3vh-QZYnf7bwucOr01-DLtWfx4M792HCQoYmvmqsxrb-nLHTFWIM5DPevluav8EPXOcuiID4v8xPOFGPk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.233:80
AN-X-Request-Uuid
c7920148-7f15-4ede-a280-a92a5e19bd60
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxMzM4NjE4NzA2ODgzMDIyMA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 48C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK0CELqMgMoCGNaulqUBMAE&v=APEucNWYLkZU6fDr8guvfupKDW4SpX4f9wP4gFSQJoWxOYhXSvaf4T_Vs2K1KAMjpVGnKGzkOucwC5nkGEqDSMLKC1GErlTEQcmL60hE-JCKhiNBhEYlhDNmbyh1pWpswuxnm0QBNrGweRnfW2TYd_cEaPCggXReZ4qOM-jQPXnnv3VAJjn_KQY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:07 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 48C5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMNBv.2XmrGtM5QtPEJqPQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK0CELqMgMoCGNaulqUBMAE&v=APEucNWYLkZU6fDr8guvfupKDW4SpX4f9wP4gFSQJoWxOYhXSvaf4T_Vs2K1KAMjpVGnKGzkOucwC5nkGEqDSMLKC1GErlTEQcmL60hE-JCKhiNBhEYlhDNmbyh1pWpswuxnm0QBNrGweRnfW2TYd_cEaPCggXReZ4qOM-jQPXnnv3VAJjn_KQY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:07 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
324
Expires
Fri, 11 Jun 2021 10:58:07 GMT
setuid
ib.adnxs.com/ Frame 48C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK0CELqMgMoCGNaulqUBMAE&v=APEucNWYLkZU6fDr8guvfupKDW4SpX4f9wP4gFSQJoWxOYhXSvaf4T_Vs2K1KAMjpVGnKGzkOucwC5nkGEqDSMLKC1GErlTEQcmL60hE-JCKhiNBhEYlhDNmbyh1pWpswuxnm0QBNrGweRnfW2TYd_cEaPCggXReZ4qOM-jQPXnnv3VAJjn_KQY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.243:80
AN-X-Request-Uuid
eac23e07-267a-429b-a22e-322ff1fd98e6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 48C5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK0CELqMgMoCGNaulqUBMAE&v=APEucNWYLkZU6fDr8guvfupKDW4SpX4f9wP4gFSQJoWxOYhXSvaf4T_Vs2K1KAMjpVGnKGzkOucwC5nkGEqDSMLKC1GErlTEQcmL60hE-JCKhiNBhEYlhDNmbyh1pWpswuxnm0QBNrGweRnfW2TYd_cEaPCggXReZ4qOM-jQPXnnv3VAJjn_KQY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.238:80
AN-X-Request-Uuid
60abc5d8-f096-466f-8d78-f9d42dd43a84
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C1EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhjp_eyVATAB&v=APEucNXfiu1wJfeGzra8baQJk9qfD1xUJ92qL3UR9yFl0QIW20HmMRnZJwBFbDTZtaB6u3hkYDXEOof4jxKU6YmW516IIq3DfKE6UZE9YQi1fDItpwX9aS12sQLO3CzinBKqVCKfmp9NXNSrTFVfiO-ywne_MkJFKBPtoHF10YBdIJBJrTo8IqM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:07 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C1EF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMNBv.2XmrGtM5QtPEJqPQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhjp_eyVATAB&v=APEucNXfiu1wJfeGzra8baQJk9qfD1xUJ92qL3UR9yFl0QIW20HmMRnZJwBFbDTZtaB6u3hkYDXEOof4jxKU6YmW516IIq3DfKE6UZE9YQi1fDItpwX9aS12sQLO3CzinBKqVCKfmp9NXNSrTFVfiO-ywne_MkJFKBPtoHF10YBdIJBJrTo8IqM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:08 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFE6_ACmuJC-YYrIfpAkg-4&google_cver=1&google_hm=2&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
324
Expires
Fri, 11 Jun 2021 10:58:07 GMT
setuid
ib.adnxs.com/ Frame C1EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhjp_eyVATAB&v=APEucNXfiu1wJfeGzra8baQJk9qfD1xUJ92qL3UR9yFl0QIW20HmMRnZJwBFbDTZtaB6u3hkYDXEOof4jxKU6YmW516IIq3DfKE6UZE9YQi1fDItpwX9aS12sQLO3CzinBKqVCKfmp9NXNSrTFVfiO-ywne_MkJFKBPtoHF10YBdIJBJrTo8IqM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.140:80
AN-X-Request-Uuid
dcbad01a-882a-41d0-b05e-8bcb7bddc698
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGs2dHdY2Y56gS05-41y33o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C1EF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhjp_eyVATAB&v=APEucNXfiu1wJfeGzra8baQJk9qfD1xUJ92qL3UR9yFl0QIW20HmMRnZJwBFbDTZtaB6u3hkYDXEOof4jxKU6YmW516IIq3DfKE6UZE9YQi1fDItpwX9aS12sQLO3CzinBKqVCKfmp9NXNSrTFVfiO-ywne_MkJFKBPtoHF10YBdIJBJrTo8IqM
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:07 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.72:80
AN-X-Request-Uuid
57182653-26eb-41c7-813e-2425638a2325
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNTMxNTQ0Nzc4MzM2ODQx
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 56D3 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstsQy_uv34tmLHrascHhv_pi8SueNz-KzVRzAVxoPzUPe1pf1vq8mVco50TXU5LApczcCbLgJT4JxfPyK1_4tZ39zMrm9hmlRR8X9kQMsq7BwywhQr5YNZzxer8ULdd0sf2B5iMIRcPcTBCxKRB9bRteMspw1_k3XNSt27W5534IBCf6hheCdnKViqSoZMuBJBJbTLHGgMQrcUVqfuAG04UtrY_75TLvhcuosi_4RGEgJQIP7jD3gGZbThkACUGowZ1oVDOuL7xEcI79afM3d8VV9aBv8wKSO5lR4XDCWYcIu3kG0_FHHnKj9eUsa2P0DcySltjfaRuraMgN4H4k_33psgBZlbsp4am3y3hQomBW_aSgnD6RGl_bjZKxHJJgSbcb8LoiqO_idjtuE0wBtHT18hJR7Bx-U1P3jAU7Ziq18gQi-U_GA7q0zEr_Wh6P5Klgpbd0xPsv_ZnZnSxLaAMN7waV-iXHfGvj0THUJKHo40NzzJzoCqwJ0yaujtTQZH-LnjfMXCtmI2rZQjBqv48apG0mK142fwA3cuN6P-sB2RnMQmBNxz4B3TYBSzwgM3AAaaR72cWOrfWHDXproeO035r6NBSuc-O--U3Ey4afl1KqekyQMD6A5m3BBOFVBEGJ5L1Qb7slz8387F5U75JfqQIsy0w3HjrX0ueON9P1jH-v4xyfBTvsHvM7WaoxgV5yqKCA53vw2Zt3rueZ3s0W1Ft0_q_vc6ADAsr457ZTPpeo3c289AAf2CZu7MQ2FyOq_lIjUE6n10o4PVHENblRG08YLB1z4e-xITlQCe5E_SaY-WcW3mzfAbnYn4HdYFC9AujpdpGxbauooa-OV1i-ChkmSfZBaj2vPT1CStv2pc5i4PQ1u4UKsVP0HmXP-m88ESd6enI1jG5qp9lg_gKYpjDYkqQmO2O7p2vlQopIbLsD9Ev6zKq_Plqmzx9po-aMeRD0qoNPepmpXr9ShWtTG_IvIOBj-KTszPBBkTnHbGR6fFvKz88788hDNfDrpm5BZrZ2D_ZpcmkDKA3T_5e-zNNSXo8dyUo69sblswXuqNCgJigRDLQQAKIPLK4kEpwrN8k-1BI7aHXu3kN72Ph8n4HH9q1Kb2Npefb6VWjBD_pOYBjWhv3N_upbM2fawQWjFzGJox129BL2J-DC_1tYvrp_EFJwLkCt96wLaqzYJV32nscR8C9NkxYCQ_omBivjeixQTlok6VC7bGhKG4KwU2-Va_DYCrAqFYJUYjn&sai=AMfl-YQFeAav11Gmzpb6poY9vlr1oBJM3KGkT1YAvc_BqF9VLbIeJlGfLKwm4wm5cIc7iznoOaIKzU3x1GBue2JTVuPnnLNnY4QbfpO51ClMlQ7sVrdW1pUMKa_yi9dCvDSbGwcu-AJQ_dZS9kSP3FzUyMt5NKgTHUFbjZtYB-4&sig=Cg0ArKJSzENjPvxHBNNjEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=89&vt=11&dtpt=88&dett=2&cstd=0&cisv=r20210607.79578&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZjqZjoXz0slkfYxHNTvQXu9hxQnPV3gV-4rZrSmMHOqymWfQ01OEbghoyRP4cQ_VtAMsFdLFbi2384O1RDfzEkNKuv25T3HY9asWGCbzawu76dZux8guglW7CbI1-bDoiDvtJhEKptShmj3fAGKGba2IfjQ&dbm_d=AKAmf-DGFr0ZksiVPPEPPBlEIw3MBP9iTFDL6QAPHIZ4TWN8HbqlBFCD5-LmuHuslZOm9bJagHH61jgngBo1_kk8O2Hy4F2yLsrdItvyjgRaQ-1TvfQ1XnU_DIeLYssz0ukEFKU-wdkNyzYYusB_yvH2OMQN4XPGGSwaIlAUy5YdQLIXFwocoPOOoYfNXZfdKfO9vJZdznxR_u0jdjGGfshRwymYg3notQ5kfZ_6J5RXiRGq7ZnnuRG9e4UocVNcimFVeQCVID70ViuAm-v7OmtUJmfRhQ3saMVCZzKfZKwVN26LmE8xIyL26u4YbLtqABqhF-XOrQZ7Fs2efOskTGBjYbx52rF3DKJh2akHOSkGax5iNvfCxCye90_fTMe9mVPS5KnhIAG2FuQijoHh0bzEoQQVvkhimyH1HUuQWga17yjPeZNXgZPIQUugkzQy-Vo85jOvXLu_qOTM2eAaLXqnBiYnIT7TGYY_Efp9hs45-V3InaatsUOZxDQTezZtizfsDNU1gSgw6kTvYljLKrffT-RVGVdszKrkSDCVWRq-_MAAzztip7QyKIbfxrUGJR6ochitxgThJhHFJKHbvsSkLNcLL3TF-UcMyWKRGe941hJ1NUXqf5C7yPmYU9eU7AjPjzBbbF-_V5XLbW-EBpdryelEDX-OiKpjOt4HDjfZ_N3E-60QIxG7KJVbWBE7jpuWLxw0BZczWeEeHM4lwWJ9BXc8JRjAQqFALMEyv0qTdK4rrr9njvWi_9JH_0jEDMOKHWEdR5BgP91Aa0YRJXzTsTLnGIfFsf5oFsdpJm13cl7nyHnv7rRhobNYtPPpO5Kp7JmhlYchjj7_xMANsz4lrAi4H5stkHAnjWQsTJbrkm4xANS2AIVYktWxKvLvQaJDpf31x_IQjbbvdj0-7hH9gcvhAA4XkkxYI13f6_fSOB_vtsX2Vhm9GtHp3dejdm9PIfdqGsakWWSWFhr8QlowJxrjL7nXsYPDeLrHZXIYOoDGxHyS1WQ5hw0R2lDyDChsp4ksgOXePR48RMQ0kLFrcSrOe8MHXHKPVc1RASpu2-iOLTkm_IJ8F0bXBFCn8kpNbRnaewEqJSeu3xW05IZtciIhQAXuk2-cN_lOzyWgBzTNV_V4PgXB9IjwiDpmxru0GIchUoUC_ASIDchMQayll3f_nltGM8nmfXJiTvP4nBpJ6bvftglFm5ao9yXwr-6wk7Ex_CQmbd8_zA3VMynkrlbV_XIxV3Q2mILneo1eoS_j12hpCXWQH6osTUkrBKgaA_Cd7R3DnAUgSKbmU2vYoiZa1wA9Xq1U41mNyXVn7iVWPhGduxUAbej5P_9UnB79WmBYh9p13AZkIUuiXaeTn_SVPY3LTF1sV1lFnjgSvn897j06XAvBc0MORC9mNn3w_nAf8yMRLUJsy0m4dE63DkIVCgVj_X4knSYz2EqWn76NRCfMxKpB4rX34ng7x3xLMvre9Dqx7HU3FBqz3xna1BfEptfG8L2CKHeCGXYBPbk5gW52VKXsdeE9_J6Q9GXSolC7c0AiIcZN6QBDETI7zsw42BQeSFsoVUSp2hrJZRcEW2ngRo3VtVzbQy3v6ND6kX9gmu6RoY8ABZPQo8_UR7-byLVm9SiW-xQagcjNYb9hJKO0TZ2ZHDJ3lSSsnzCf1saDrwHDvrdEiSxROOcbO04cyvqj7IrWczVIiyEdeRDROEa8AQWlUsK9MBYfUW3A2876wxXtXKBQ2lUw12bBol-yiJ8PjjWnPssjBFxAvN6SUtkb3dFs9p73yrj4-OOZMtpd7R51An88lXbGRUJy-RSwq9lmzcMHMweAXCgSKvH6WoYXr1egBSA1bgAxGe0egCH6ofsDAy-teAfxPA6VbFnUKgY_OSmDhzh8CziJwQZHGcjpUF-hewAO32hYGdBkeoI51g3XsY-pzFT_8329KTTwaitcEuypuQiiEN3e_WPFCl33vBng1tQOqDWmt0AOESnxCTqBMcEaupv6fIYF9U2bHGur8-jrrdJD8ZZFAOJWYhkekBAbIaVLgNKaBgz4kWIJO34JaYhXtV3YyO4ydWrZhc1X-oQ2-j87QdUP_xqt0FNA_WWSz4ap_B4wr9XG9qSITzlxQ9ewsozf1LlAo4sgZ_UHcFX02UjziocCSI7aAA4ZB92G_SQ_iVJhu7u6cV-i-gFw4sUUv79iKVmbe90pUNJQLXLexIS6WHeSkThCxu6la9_8idfa2EU_LAnkSMohF6oV_vT06Jl9QWO3ruf9fC5XC3t_i4Rwj2RUnxNQq6RU5pceuKT1KsMhvP64y1fOXhypiL6skmCK3bDcvkqy_2dTp4YViInistOnd4LwKVe_vIO-zPhk4TjnHwYR0bti_8pf5PASP4v0aRqz7g5xYhZsFGTb-fg0InXfNtDYV6nmEObpvdljpLrD5DocsI0RlLRaF5qFCRg3rp6dd5-gZoFGKMXYCo-wd3K-fIw4WvtBGhwZxSFe1c6nasJ_36y9Pm2Qqj6iXaMMOgMnnjlwCtvcwK78nCS2nlWpNjbjZ9uScJUKSH-Ag05Nlv_TqjGjiU1X4dXvQTl8eZ_CZgnEInMZ5TjyvdAD2D8sEeCfY1D0wpc3PVmVxKDeMIPWDoRkcmkm4wrTbvnofR3KOqjvtV63Q-TtoEEZQsr4-KZo3oB-ZNTuzwEdOfb8otDNdYUcL2eARnLBiL9QvYCD5GyKeo_OzABwR-rQpoV3wHM2l5NrrM1-tC_H3breW4BuU1pqDsOVsx66igZxKyaV6nf77w6cw4tgh2ik8Jujv49hiLWeXvDB6RLKLyBR1-b57y3479HgBq7-bAc6ype281cENiiNr_MJZ5o6YL4-PHPeysWoeyFm2xkkfHZWSfxYy8DIuubFpdEm5lsjIFCUlLCFrIF1lewp1Wq2Lw9VljihWHjuul_D8rTeKS2jz8cbHsPKwwzfI97c3z8ibRoe2hDKDkqYmT16BcMSYAx0MZNgZNYYF9YiD7bxFdjvnKqqnfA0MVaVEYiGmOko3BhXb_gON9sM_ceRHRaLJuS9hLCWFIo65R5sHjU-1xUwbkKpgPbeQ5GVJyBhv2W5itPxU2Mx4XNN7uEE2ruM7Dn0BK_dcic__gamn5mGxj2GFB6Ky50yYVeh4e3Mw9shbsGWDD9zWJY7rEOFVF9f1hriPXjHgMNARTfdL-cSdIr8IJDVhBweCImre5K5_0z17JxPTTKInk-5OodMElLx1OeR0H9vk3mQBgkRDm_O05HaYZGkFoSbFKc8Iz5_sztQbnPVAxj9cLGMAw&cid=CAASFeRovtd4MmZP7fG_uMb0uBSW8pTXfA&rfl=1%2Chttps%253A%252F%252Fshavlik40.rssing.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 10:58:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 170F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 11 Jun 2021 08:38:29 GMT
expires
Sat, 11 Jun 2022 08:38:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8378
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4765 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 11 Jun 2021 08:38:29 GMT
expires
Sat, 11 Jun 2022 08:38:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8378
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3A4D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 11 Jun 2021 08:38:29 GMT
expires
Sat, 11 Jun 2022 08:38:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8378
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sfht0if3y.js
cdn.krxd.net/controltag/ Frame 2571 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2423cbc3081a6d26022031366660f7900aa5cb280fd91f7a3b80777332b1a54

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Fri, 11 Jun 2021 10:58:08 GMT
via
1.1 varnish, 1.1 varnish
age
129
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3673
x-served-by
config-service-a002-ash-prod.krxd.net, cache-bwi5145-BWI, cache-hhn4070-HHN
x-response-time
0
x-do-esi
esi
x-timer
S1623409088.396047,VS0,VE0
etag
"8595c2bfd40270513d3f71e8843150475690db95"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 141
index.html
s0.2mdn.net/4528516/2128478866615035/ Frame 67BB 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4528516/2128478866615035/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
380dc0f2b32c68f27730e2c0dcb9bab05b97103e26ba298a45d43d12979ba855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/4528516/2128478866615035/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2648
date
Thu, 10 Jun 2021 19:42:24 GMT
expires
Fri, 11 Jun 2021 19:42:24 GMT
last-modified
Tue, 29 Dec 2020 15:22:46 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
54943
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 2571 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuveMXpZ6uEJHl2yr8_Ciwk5cL8U6bvFoCBekV1ha6hiQN0eyarUkZystmRdsoDcRF84l8NkJpvH7l2ucwuI3ZwCMD65nGr62W_H7atUdSxSguORWJPHGQQ3B3giQiEalU_B0-pP8Rh4MguGZlo7yXZAN9IQA5SGIsRrzyCUv7pANHU23u_F0dK_VA7GtniMfTJk7JSzeFmyQZLdMVIBCN5DNLAJDGUBs34AN3XAp4vpoZKCkXkOeLfDquyF-Pq4D-c3YLPF4leRx_eEh9IUy6uoLHIk_syEIUOFI0beqOyhJV9VZWXFwEZf4WZLWOu-D3fXeTM6B6FRx-hApgPdvJpvBdACD7CCJvXAz3kUBF2GAfR0m48eh44T4LDOyNEX8axrTOqHS0Ej8Xe16FnqymvJfHmba4vfwQX7kgEOTJ-SuFoqSzsnPO42YlSK_7ui9vGqmNaOliXnK2tkZAfBR5wA8rOwX0wYufd0iS3Y_QeWLlaIMP-UMRlS_gPr-SjGUIbJzMITzsQ2xkDfAmgI73YmObyJZ_fTsBUnNUzkZ02Co-EDual_cGtpFlOi_-9fu-nhZLFc7ApZDGSzTcEDEuvtwCJHmMeJE4Z9YRkOh5FP42lxG4adtgDBeZOmXW-QXSdO8FHDm8eoT076xyEqzZL1-OwfOAEueLS6xU_9YUQLn8qhF3HoETx-6oXaZHees2oFA5l1X2bTn18l1PI8Cvmv4EhqEmHoB8B5p33tAJdsKIJgvEwRNHzQggYCx904yBh3Ft2KbGux6nnHhaymmsTUBnRaO_km_qyy8Dme-sZpagwVU05CKxaIRjwICNjQc8KAje2P6splYTYWBj9luA3IDaVmIHEHJr-zWptjdzh40nY3SwsMZFgFzofkDIfB90D2mo6RQEx-CIvLDBkWNYDFfFrUzo9lrOsPB9osd6zqZwCvC-9pNobZ6RK_Poe5BPLizZiOwflQUR5A54sOHtYMx1n4uT3BPosJARwFGs0ONT9jqNg2PlMOrWZGpXRYLH3stLpLg2llB_xQC_uMHh_PqASpl35NBcdqQK1Ti7ORFeK89m_uF4nUlbfjngIjVkcamfJ-L-I9Brz6iVSc2vP7R-JnaDDHA_Daeqp0kt5bP6i_I8vEtP0rtJfSG6dx3lIRPABqjKQHOdw8mgibYVQt_gdC8xUAOR2-zOols4ieaoKZABBP_q20VVMPaPk-CBjZk3yshcxGHgi-eiA0mjK4n7r7LP2-Q&sai=AMfl-YQXfx1Ho9pStHBoS4UsNIE3xyWvxHIkSiNpoLnNA0Lbi_AfwMJH5H35VUZG3BvMl-AUF5yTdmJVOQivSVYqzoREoxqa7M7ZFwaFKil41YiG5XnaBNZK82Yl3xUuHkAT1K9RuP6apmrph5Ne0CWlCqTeq-TNKl6-TEmxC5o&sig=Cg0ArKJSzCA-VoinzZ5sEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=116&cbvp=1&cstd=113&cisv=r20210607.82222&adurl=
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 11 Jun 2021 10:58:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
impl_v75.js
www.googletagservices.com/dcm/ Frame 1DB8 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v75.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 08:38:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15538
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 19:52:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jun 2022 08:38:27 GMT
impl_v75.js
www.googletagservices.com/dcm/ Frame 600E 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v75.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 08:38:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15538
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 19:52:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jun 2022 08:38:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2571 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 08:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8378
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jun 2022 08:38:29 GMT
truncated
/ Frame 2571 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a762a79bc484923a208f15c1e630015eec1547d1ea2decd80611483500a23d5e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 56D3 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
257ce7771b1812b07a524440c7d12547bac7218d67f63004026cdd0f018c1c77

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
main.gr.19.8.206.js
static.adsafeprotected.com/ Frame 1DB8 		183 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/695971/54149685/skeleton.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.241.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-241-173.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 22:03:45 GMT
server
nginx/1.16.1
etag
W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
truncated
/ Frame 1DB8 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6e9ce1afd5b7e4917088b710a13510de6399c7f95c29cd73334902d0b874720

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
main.gr.19.8.206.js
static.adsafeprotected.com/ Frame 600E 		183 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/695971/54149679/skeleton.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.241.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-241-173.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 22:03:45 GMT
server
nginx/1.16.1
etag
W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
truncated
/ Frame 600E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4adce11d8a9a727b1695580b0b335d7b5ec57db101744defedefae4fd061275b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
pagead2.googlesyndication.com/bg/ Frame B746 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b44eb85c6d5c5c01e075166a2ee52630b0b23ae43db3b2c4fe42ffc4e110cf2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:47:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5784
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jun 2022 10:47:59 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FF08 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 11 Jun 2021 08:38:29 GMT
expires
Sat, 11 Jun 2022 08:38:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8378
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
createjs.min.js
code.createjs.com/1.0.0/ Frame 67BB 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/2128478866615035/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Fri, 11 Jun 2021 11:13:07 GMT
javascript.js
s0.2mdn.net/4528516/2128478866615035/ Frame 67BB 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4528516/2128478866615035/javascript.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/2128478866615035/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41ab391037283a4c8256a0d8a67f9833828d253d133eb8221093fcbeb496d252
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/4528516/2128478866615035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 13:16:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78117
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6235
x-xss-protection
0
last-modified
Tue, 29 Dec 2020 15:22:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 11 Jun 2021 13:16:10 GMT
tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
pagead2.googlesyndication.com/bg/ Frame 170F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b44eb85c6d5c5c01e075166a2ee52630b0b23ae43db3b2c4fe42ffc4e110cf2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:47:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5784
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jun 2022 10:47:59 GMT
tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
pagead2.googlesyndication.com/bg/ Frame 4765 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b44eb85c6d5c5c01e075166a2ee52630b0b23ae43db3b2c4fe42ffc4e110cf2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:47:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5784
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jun 2022 10:47:59 GMT
tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
pagead2.googlesyndication.com/bg/ Frame 3A4D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b44eb85c6d5c5c01e075166a2ee52630b0b23ae43db3b2c4fe42ffc4e110cf2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:47:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5784
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jun 2022 10:47:59 GMT
B25762587.301404709;dc_ver=75.217;sz=728x90;u_sd=1;gdpr_consent=tcunavailable;gdpr=1;dc_adk=943508953;ord=sq60m7;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCebW3vkH...
ad.doubleclick.net/ddm/adj/N1416456.3886603PMPRECISIONDE/ Frame D94E 		11 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1416456.3886603PMPRECISIONDE/B25762587.301404709;dc_ver=75.217;sz=728x90;u_sd=1;gdpr_consent=tcunavailable;gdpr=1;dc_adk=943508953;ord=sq60m7;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCebW3vkHDYM2mF9O8lQetpZe4Dv-cpLZi37uvqtcN8C4QASC6xtluYJXikIKgB6AB3peotgHIAQmpAj2U7W7vcbQ-qAMBqgTtAU_Q38oA4JVQZq829x4qp5821bkaRQOs8U8dzmxnbwr4PBZz0ejDCKYGCUnAybnXsZHN9RZjraFVHSw65gnZsV3pCBMy0UOWc1Dd9-6Ns-wPu3OKrS6WF9jODxyaqszH7k1NjdWY17yflne3FL1Q131lCTLvtZZzhaLp3b6gcteoMllIpKElxlqBthRjoBCRsH6CWM0l8CIOBC_ZZeLADi9Ig8jkQloOTZKFltNI24m-R-E7B7IIWlhDXNm6GxGMJaCaNM5kj0SSrDRICPJcXy-4_4ynh-64s3Fs2hHIFpQrXvXU_CExaHJR59eeZcAEvInv7sYD4AQDkAYBoAZNgAeK6NfJAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATz4upC8gT6qrqCdATANgTCtgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRosjFbUcZVCrea2WwHdFKsSfS4vw%26sig%3DAOD64_18yXkHsRQw_2vCYpjSKN6uuUEcfw%26client%3Dca-pub-5259963630881660%26dbm_c%3DAKAmf-DakS4z5fIi1bR7Pm9NsbPX5fmAmHy1-4UJ_yHjPABm_v1l2ZHsGJ5NNd7R4MPJbahCUgJU8ffarCxDaavBcmfVix-yOP6iMwZgButX6tcKeeeS2-cnB7j4R0z1R5eNOYiHQmfjobdZj5AoJ5tvWIB3k4dhIQ%26dbm_d%3DAKAmf-Abhq9qNGpiebv14RJHpY0NRMAfVXRHaXPuKSc5BA-cj226Qd86bb6empAZBU9LJta6pmbTdMjLV1Ek3u9Aow6DvGpDWDZAkqlouhrPxp0nNpydGEpcY8LFOCbkCQXgW1MmoUJEJ8vnavBjfb_U_JRVNQtCiv0fYDjP0NeVNSsFO1JlOkFjw4VUTJb0f8NXDlBaHzKYFtfotNOGM9jP9uIEVC9XVCd8hyc5GHqOh0LaqLoP3tmWXqmOVl9b8lnFcQJ5NlywciiXmoySSo6Yd5gf9DbEkakOPq5Ozi6ydSk-2X3H2U1Ug7j2IoK0PBphUY_yHIxgayvCFcKiqvu5Zpf5iSK115BDVwShz4tFZ9wu1rsrIBHuZtuBFjbnETfmSNu2zRz1uwenQdk9gLZRyHX2rrdJ5OJ_TcjJlZOzuw0yL5iZ0FHphaZSKoBX055hX5YNdylVq7dmrhHwHULdJMohEXHsgxzzcaaZQXlWhD62VmKPjnEawui4G-p1y5S4Z9SVUpcj%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fshavlik40.rssing.com%2F$0;xdt=1;crlt=(6_Q!)1KY);cmpl=8;gcsr=a;osda=2;sttr=186;prcl=s
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B25762587.301404700;dc_ver=75.217;sz=300x250;u_sd=1;gdpr_consent=tcunavailable;gdpr=1;dc_adk=4188270527;ord=qeamcs;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCodgDv...
ad.doubleclick.net/ddm/adj/N1416456.3886603PMPRECISIONDE/ Frame 1240 		11 B
81 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1416456.3886603PMPRECISIONDE/B25762587.301404700;dc_ver=75.217;sz=300x250;u_sd=1;gdpr_consent=tcunavailable;gdpr=1;dc_adk=4188270527;ord=qeamcs;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCodgDvkHDYNCmF9O8lQetpZe4Dv-cpLZih7yvqtcN8C4QASC6xtluYJXikIKgB6AB3peotgHIAQmpAj2U7W7vcbQ-qAMBqgT0AU_QLivL2o_GQCrXc7_fpgdcQw_OIe0sdU8W3k5H9e9w2zY32Mbq4bVbgzn9gzcQlW4nIaJUtoghacaIFMH2TSmSbXB1Ph9SqMaeQ5TGsq_aUFDK5KPBlwA7tjMlQk8kwTE-z5FpMbYJ5t6FHWZyUJHkDV3Z8TmGjbsOREVgaZnzGDIMVIRPVAc9u9CZYux9ng_S4ddjTSp-lVOB495eVoCv_r2VdPvh8jP5-6pfcxu9bf_X9bH98CQMz65l_kqucQggLiPwBOWYpjNmkC391YVqpIpX1rGn5CBp3rUpEM2Ntd4btxa1A9YZIEupTDG_KG-xxcHABLyJ7-7GA-AEA5AGAaAGTYAHiujXyQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAGwE8-LqQvIE-qq6gnQEwDYEwrYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGezvadCWuX44JevPvr3ILoYmQg%26sig%3DAOD64_2NKyV5P3-KiEFzjxylSIf_Cgi1wQ%26client%3Dca-pub-5259963630881660%26dbm_c%3DAKAmf-BaB3G4yzcYMKxArCzbOTd8g1DtGn146osl1a6LxxxMHgajMHRF0WpUSCm-oA9VSo_eXCzf1ruRgoggX_v10iksTQ9nL4mFz4u-35N2js4h6oPIE6yVq60d8Jo-n2Wy9-T--8UoS-0XDuA9hUi7G70mlm7f8Q%26dbm_d%3DAKAmf-AUinU13_dpexWXPBUS7HCKLD3ow5oE92i4kJ0gJ7kWkFNlhWs9OIzI_X2SlzEWNOrKrCLywjuiGEm-Ec5RgLp8H8kQQSVI1IgAWJwRPc2BbHmm_Vm_5qQGhiDF-P5ff_JwenwkXrbjR7XOHiT_wrHUwB_OFktVErKaVe38VQWgfbXSiSUWBLFGGvHi2gIE7imReuo2sfXaSuL83EBZou25BDtytDNlhBWwYxUSnYiaN2QqHlVM-qUrHySBRYY6lWzsgynjJXCG0765wevNb3lFS_M4Ze5yzKamOG3uKyrdnK98bQ-a8Ek6krIFt4JYLcc6LQyYBed1YwtCZZEVF59MPDz5hngE_dBMXFVfI9DYQmdiYDabBK0NNcDIJrPcczbyyEYb2by6OFYOSVw74-zUK4N-AFtVa91oPxkr7BG4iDfDYFIexFi90ZN5cxstFZOQLK7Ee0gzvH5jtE3b8IveqOHRWIlZrvtzX23tS9u8_LY3I2UEzKZMB8m1KwdIg3mHhtaf%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fshavlik40.rssing.com%2F$0;xdt=1;crlt=(6_Q!)1KY);cmpl=8;gcsr=a;osda=2;sttr=193;prcl=s
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
pagead2.googlesyndication.com/bg/ Frame FF08 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b44eb85c6d5c5c01e075166a2ee52630b0b23ae43db3b2c4fe42ffc4e110cf2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:47:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5784
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jun 2022 10:47:59 GMT
visual.png
s0.2mdn.net/4528516/2128478866615035/ Frame 67BB 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528516/2128478866615035/visual.png
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7f2fbe414e0b79e516fec53f54d6ef6c914cea4e6ad1e804bbd762ad8332dd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/4528516/2128478866615035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 16:08:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 29 Dec 2020 15:22:46 GMT
server
sffe
age
67793
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59019
x-xss-protection
0
expires
Fri, 11 Jun 2021 16:08:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2571 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuveMXpZ6uEJHl2yr8_Ciwk5cL8U6bvFoCBekV1ha6hiQN0eyarUkZystmRdsoDcRF84l8NkJpvH7l2ucwuI3ZwCMD65nGr62W_H7atUdSxSguORWJPHGQQ3B3giQiEalU_B0-pP8Rh4MguGZlo7yXZAN9IQA5SGIsRrzyCUv7pANHU23u_F0dK_VA7GtniMfTJk7JSzeFmyQZLdMVIBCN5DNLAJDGUBs34AN3XAp4vpoZKCkXkOeLfDquyF-Pq4D-c3YLPF4leRx_eEh9IUy6uoLHIk_syEIUOFI0beqOyhJV9VZWXFwEZf4WZLWOu-D3fXeTM6B6FRx-hApgPdvJpvBdACD7CCJvXAz3kUBF2GAfR0m48eh44T4LDOyNEX8axrTOqHS0Ej8Xe16FnqymvJfHmba4vfwQX7kgEOTJ-SuFoqSzsnPO42YlSK_7ui9vGqmNaOliXnK2tkZAfBR5wA8rOwX0wYufd0iS3Y_QeWLlaIMP-UMRlS_gPr-SjGUIbJzMITzsQ2xkDfAmgI73YmObyJZ_fTsBUnNUzkZ02Co-EDual_cGtpFlOi_-9fu-nhZLFc7ApZDGSzTcEDEuvtwCJHmMeJE4Z9YRkOh5FP42lxG4adtgDBeZOmXW-QXSdO8FHDm8eoT076xyEqzZL1-OwfOAEueLS6xU_9YUQLn8qhF3HoETx-6oXaZHees2oFA5l1X2bTn18l1PI8Cvmv4EhqEmHoB8B5p33tAJdsKIJgvEwRNHzQggYCx904yBh3Ft2KbGux6nnHhaymmsTUBnRaO_km_qyy8Dme-sZpagwVU05CKxaIRjwICNjQc8KAje2P6splYTYWBj9luA3IDaVmIHEHJr-zWptjdzh40nY3SwsMZFgFzofkDIfB90D2mo6RQEx-CIvLDBkWNYDFfFrUzo9lrOsPB9osd6zqZwCvC-9pNobZ6RK_Poe5BPLizZiOwflQUR5A54sOHtYMx1n4uT3BPosJARwFGs0ONT9jqNg2PlMOrWZGpXRYLH3stLpLg2llB_xQC_uMHh_PqASpl35NBcdqQK1Ti7ORFeK89m_uF4nUlbfjngIjVkcamfJ-L-I9Brz6iVSc2vP7R-JnaDDHA_Daeqp0kt5bP6i_I8vEtP0rtJfSG6dx3lIRPABqjKQHOdw8mgibYVQt_gdC8xUAOR2-zOols4ieaoKZABBP_q20VVMPaPk-CBjZk3yshcxGHgi-eiA0mjK4n7r7LP2-Q&sai=AMfl-YQXfx1Ho9pStHBoS4UsNIE3xyWvxHIkSiNpoLnNA0Lbi_AfwMJH5H35VUZG3BvMl-AUF5yTdmJVOQivSVYqzoREoxqa7M7ZFwaFKil41YiG5XnaBNZK82Yl3xUuHkAT1K9RuP6apmrph5Ne0CWlCqTeq-TNKl6-TEmxC5o&sig=Cg0ArKJSzCA-VoinzZ5sEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=407&vt=11&dtpt=291&dett=3&cstd=113&cisv=r20210607.82222&adurl=
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 10:58:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
skeleton.js
static.adsafeprotected.com/ Frame 1DB8
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/695971/54149685/skeleton.js?adsafe_url=https%3A%2F%2Fshavlik40.rssing.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2007e87428e4d0b7d668997663553fbc.safefra...
  • https://static.adsafeprotected.com/skeleton.js
17 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.241.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-241-173.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:07 GMT
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
nginx/1.16.1
age
7024496
etag
"53fab767ecbd3bf07990b10246befbd4"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
content-length
17

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
x-server-name
app17.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.5.js
static.adsafeprotected.com/ Frame B0F6 		82 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.241.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-241-173.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
nginx/1.16.1
age
2847460
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
skeleton.js
static.adsafeprotected.com/ Frame 600E
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/695971/54149679/skeleton.js?adsafe_url=https%3A%2F%2Fshavlik40.rssing.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2007e87428e4d0b7d668997663553fbc.safefra...
  • https://static.adsafeprotected.com/skeleton.js
17 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.241.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-241-173.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:07 GMT
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
nginx/1.16.1
age
7025407
etag
"53fab767ecbd3bf07990b10246befbd4"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
content-length
17

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:07 GMT
x-server-name
app09.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.5.js
static.adsafeprotected.com/ Frame 0381 		82 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.241.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-241-173.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:07 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
nginx/1.16.1
age
2849309
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
dt
dt.adsafeprotected.com/ Frame 1DB8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=695971&asId=dfeaddd4-b474-7725-27dc-278ae130c8ff&tv=%7Bc:fejpDg,pingTime:-2,time:484,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:65,bdZ:183,beA:383,beZ:384,mfA:688,cmA:690,inA:690,inZ:695,prA:695,prZ:710,si:720,poA:722,poZ:736,cmZ:736,mfZ:736,loA:819,loZ:823,ltA:866,ltZ:866%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.94,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:728,h:90,t:336%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:484,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:336,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B173~1%5D,as:%5B173~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sA1t5xM+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C1951%7C1a1%7C1a2%7C1a3%7C1a41%7C1a5%7C1b*.695971-54149685%7C1b1%7C1b21%7C1b3%7C1c1%7C1c21%7C1d1%7C1d2%7C1d3%7C1e.695971-54149679%7C1e1%7C1e21%7C1e3%7C1f1%7C1f21%7C1g,idMap:1b*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:144,readyFired:true%7D&br=u
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.40.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:08 GMT
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 600E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=695971&asId=66f77006-f994-5bcf-bb11-eb3a2bb36876&tv=%7Bc:fejpDj,pingTime:-2,time:453,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:45,bdZ:159,beA:391,beZ:392,mfA:711,cmA:712,inA:712,inZ:715,prA:715,prZ:727,si:733,poA:733,poZ:740,cmZ:740,mfZ:740,loA:803,loZ:805,ltA:843,ltZ:844%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.254,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:341%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:453,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:341,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B131~1%5D,as:%5B131~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sA1t5xM+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C1951%7C1a1%7C1a2%7C1a3%7C1a41%7C1a5%7C1b.695971-54149685%7C1b1%7C1b21%7C1b3%7C1b4%7C1c1%7C1c21%7C1d1%7C1d2%7C1d3%7C1e*.695971-54149679%7C1e1%7C1e21%7C1e3%7C1f1%7C1f21%7C1g,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:110,readyFired:true%7D&br=u
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.40.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:08 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame B746 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrVIPvkHDYM6mF9O8lQetpZe4DgAAAAA4AeAEAg&bg=!gYKlgsbNAAY6sG-_OrA7ACkAdvg8WowouBZ5DEoE_3auIJ6UuWLMHjbvgNVYkuyLUvla4q4XYy4csAIAAAIAUgAAAFtoAQeZAs5nEBFTR524OqGDvtSrWdzqc2OshHkNWEEVc3HXco34juKWZzn0eBQY_ukZMyF_2i5FcGVVws6tmP8E-GneF8APdQ0RSXHDIjmgYpVDIOvnbhGJDU4LH_NwR77iDA_f_Z7CeGkZVkwIZxFmvlA4ZhPCO6l5Yi2v80FIsYkqQhNepUY11KRrb1_zlMMh5PThjApTkEwiuRt6FIuBNigvEmIHpcCYCV7wxs12zpS5LSsvGaNyKoy47UE8uazKMT6t8Gnuk3VJX57Ho5HCr9hN5ryqqtNJaIGbaCMpVf0-wm1UgJBYA7TC4RysKHZsZxPPzGZN1Am5qoLcGQABOYqXOgVtiI_nPtDDJ3d4phcjGyqw8fUKq_tm0xwrzQgTnWw0DdXwSNA5ig0-XjJq122rFWM1dIkHdj3AjNonFH4RUarJeUziNp2XDO-XBVJkbnGROhKXie6R3le94Db0F5RMJ50M80PPhTS2MxkWr6p07XdkGm887xYUHJ1uhGcIYVWkWOQTrmW6XYGEW8IRDX2KlnBsh_ImbqfQMm7OMAhp24UBvi7yWoDl2KS1UO7S5tgXrF7HJbhc_wvakHzuUNwGGCsjlSTc_oKNNyp10q_MQUxZLxtNJnL9vubTAoskAcnOzqFxlHaf3wlkcYkaKae0zNj8KuQwI5f4U3BgvhrLre1IrYDOlGroIreDBXN-fsQkhW7rT5HMBhkCUI7G6Ug-zLqhqPnciyg3QpJAEAIDiO54HDD4UZIAjTUUH0vj82xozXvMC5otiDEfuqR8-u6fYwgqga9btTL_lJBC94CYaPFYw0txnwUC6mnE2PSdbgddBMFYZiDYlkCM20RDqtz5sXDPojW_5vZvXIk1HVndpQlWI-Pmfxzhp6t-OlNhN_Cm5hLeXwK7aLjTn7sRGCzqpLBGvc2JQIt1aja1UFY3QIe-GIwNv3D55BpFEO6qWijF
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 1DB8 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=695971&asId=dfeaddd4-b474-7725-27dc-278ae130c8ff&tv=%7Bc:fejpIC,pingTime:-10,time:817,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623409088281%7C%7C22a7726678a0fdb37d59f5d2e249352d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C8ac45f836a58ff327720cc6a5096cdcd%7C%7C96a67421515f6ba3ec174ccf73536388%7C%7Cb791bafb40cf08ac774a8daffcfe8c49%7C%7C715f23dedb7b4c9336eb9afe315cc114%7C%7C36f8f4fa6d4ca6a4396dd4d1ebe72706%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bimprf:%7Bttecl:854,ecd:31,tsecr:60%7D%7D,env:%7Bgcd2:%7Bappl:1,cnst:0%7D%7D%7D
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.40.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:08 GMT
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 170F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BG2e6v0HDYPCJC4HO3gPHnYLYBwAAAAA4AeAEAg&bg=!p6SlpODNAAY6sG-_OrA7ACkAdvg8Whn59iO9NiFx-PPv2e_ipsuH9n_KDyDgaPRHa4f2fuwjeiXvTQIAAAIrUgAAAEtoAQeZAsGkC-MB0e9DsnGejKMXGiWM9kxa1KqNr5It9xgioGgwL8h5P6sPXHpBvp6ygru933oueqMYRqsg7RDQVIAE4sjmK5aBoRsCmibY1FHqKe6KMS840AL8rXsaU59ml1OGrAq6WG55BPwjQVc0uDM-GjoR6PAZNMXzrVUy7IaH28pqXbCbR2-smjN_GODWcT9RMmvmGPVIrB2Wb3xKdNcprJknA0UbKZNL68iKUOJtwJkEuosrx9puVAMzAuthCywzPjNKZWx4RD6syK0vlBgvSLUwVCa8PxegB5poZrWnQSdh0gs7e1pxKWuGZfXLleavY81mQVAWgp5sj3LNdRouBnRYmNFyuCc1MXcp8MrOv_yr0REvXy4LF3qYmBN_1gMZqxdalwAXdGSxKSjZod_wGWttXwDjVdOpaNTehx2x2pqqzCnSHpdEGlNlH1cyueHYiJBBV01coaAKswFxpGl_Mzy4dclMSo00Ol_QhDmDRmMYw0DvslPiu2006XX4VJVYimaHseJJrCpmRUYfYGajybDLc7pno6GqDC6RjMIYnlQ-jZEAF-hajaA-pAviQzTAjkppg8koOVt1B1l3QzaO90fZMBroEuKW_lVRUHA-hO9NKy5ItzmUdofl5MnTgGfwI51dHP1HZd6PW4OOvlRQVIa12mB4A7Q32VvUpMfEV9T286gpqx04wCg1fKKwybwAtA0pSxfMMXf0NDBgTphxMK3zrN6Ov9-gvmUg_HKWQgAu5co30s1OdXK4lqUG1b69Qx02iO_xe2XwmjgpSIC4agGtfLtjB75S1DQKYO76MEg1-FPH3mC8KKpJceLaX2kTSH7FMa3H7uK-jxfje3C2F5SUhlynxrWdKc0mO_LVmtAwzgyc7d25Uw0V7SCYXU3rdej0Ena4nYELpcPSpq7DnPiSOarWM7D7TURqbNtQEUVa6Ak
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4765 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2RJOv0HDYL_4CvXV7_UPieq7sA8AAAAAOAHgBAI&bg=!RkWlRQHNAAY6sG-_OrA7ACkAdvg8Wq932t-WUWmB1ggy0PJt63t6yVeGKKzB76g1VTWfETgfZcw_IQIAAAIqUgAAAE9oAQeZAscdAkurdw3pg_XY3DaoivhVBT3hIJRdoL39OsbpiUE8goBGy_yoPM1TLPzaBbCM8F4TM9v9Xfj-1PLnlFwSLAiX8ahxOOaIY63R6LMuWsBRZBiJ0C_jL7gksudga9BXY96uNwaSQLmf4vGzb18KNDf5pxXBvftPM2RO9vduLwtMD3TijGOibCAWPzbbiRXoDBe2A1Tl81jG99j_1P1eHPQ07GfTyfNIkI85ZRy5aINpIad1ivJFA26xYP87u7UV0qYaL6bb1K5DFv5a3FvWKqaQB1y7uived7uzdFV0KQ85yQJO38SvItucHh38V-ZydftHgnDf-mSTXTWa7wQZe6sDm1IqqdC9smvt_SUg-DbutzOmy2cWFfQlH49dHTqVlm-K4HWOcd7PAW2Ra9xVUxyGt5q2qWKudUIgSgp0bylRWv3Xc_UjaDcArqXHHXClxW-EsYA2Uss2g2ulhVZGMy9KmwLAIwuANIxPRCeopzrp8K_lkLAtL4ZYfjF4TyhHrLTaIjbA8_s8kinVPvVmhiQuZ_6AkCqVeBwYEdrthG14Yg_pH4pm_Uykjm2atB35fc2htnEmcVHFbpv3aASf_wOe0kQzQwJ5UalwzqvZdxMFphsP4M27lbsNh_O_0GunXpncXshimp-uH3fGlyqEe2rM8Sp3Uwi8GeOgyZFPr0wXcjLuen8bIXFsKc-WRzsLTGv5qhgIB-JTN5yZGDH6Hogv9RmdRiG0yOF8SXrchqMdliE2QBIRvNxlwfMMBtq6F2X10DwRg2rtE8Mg4_Cn1AwtV9HzpjZ2pj1YY7JkkPozwj42pAigelzns5YmR3emlIClkK5OO8FElJJNy5Uyut7d6HWds4WWyUd2wIQQDw8NXLvlbGOASerKQWE5H90z6QyfC0Rd7yq7f0y-Baof_Or5sZNj1_0sy4ymSh6j_0KrQb1ikpe6W7Q
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A3DF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVOEa3KkdGovmQpSsJWiGpNkDzwsT1j8JG9Pslf0hMcAz_uSdrkqwi9gVbrADtPnqH9bT4yk8YBTikL2D-Cag6PbcfZZbfQ-cnCQUnTO60B-3A1H6XAOMuv0KUWg&sai=AMfl-YTaShil4llCepNYj8Xk6b_WeNOuIz2Wo593NvX0XaKyf4HBSFxG6ylP6zsnsDPKr7BEfcOiSnU2EEuVuNA1p_3jfsbohR4fhdBSI-zBFJTb7AmykK-ufn8hnOAkDyY&sig=Cg0ArKJSzIudU9S4lw0yEAE&cid=CAASFeRoYL3n8NsThjurwKzRgx0b_dTnow&id=lidar2&mcvt=1006&p=516,288,580,756&mtos=0,1006,1006,1006,1006&tos=0,1006,0,0,0&v=20210609&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&app=0&itpl=20&adk=4176452841&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623409087093&dlt=27&rpt=238&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A4D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bpsvwv0HDYKrGC9KKrASEq5SQCwAAAAA4AeAEAg&bg=!GxilGFzNAAY6sG-_OrA7ACkAdvg8WngyQl4G1b_0b9mxZJ91BZBn3MGMmIodrawqRGSqWIdkMWwdyAIAAAIcUgAAAFJoAQcKAMeLbz_Zl6xyNusBQ_u7xock0H8vNRW0JEgpnjtZe9C9f3x0nuDUexR7NnzEqOAKONTFl9niVmSCEPw32k9z2kN3Hx9pQawxUprEuPV2w3aOd-tJYLkh5xK4Ap9W88FqMDLmRLchmp_tjTgLYL6SQ8uTi0zRTesdAqXzz4pghI7D7rfm5p3q8XZ3QcAtSFFTo3wdfWbrJhQV4MtOC_LBX6-D7SuDeIP5HrZs9P3n0_oD8yvcj3knmmwrjfCPSk4SFBOXAsAmG9fimQLM2ENB5NNLqrfau4rWRQNGzNuR2IkjF0lfYDSMABYxl8nrcytKIfdWDFMteTxyfqEqfeyTPW7Q73KMTffM7zQyvmULV1XuSeABMWiGEFJHuTkQXwFrgxbwTxLiIwenGwycGlECGx9VZzPYX83YjhLvZEGWuzjTJiQbBNxWrTnsNxPe03_7p0_IeQgiqqyvT9Un5jBcQYdK1980O8SkVyfHifKsfVBpoWaJz57-wAq-1IJcJSzT-aHZSgYcJgBI5dzdhO7NNLsTBQyKSCkj_Av0R0YNVnHBLlKeECztmYxgLvQAwTCoLLRSawlZsuZvvJt6ZhtO0ZJlYkctS5lg2-pqTvMBXobpWLmBn2dxhdmFRO7-7dABXFXG7AzgKcP4oK87t1s8JMitJu3y2fhNq87DyGKHK20eDzfytF71OLBwb-acmVNNJ-LF7slqDJO7MdJojw-HaToEUtJUSscHBZD8iDATvg9mjW0WsRHm-lP8TF0sjLFvl7tix0oKJ_lb83iz0bgTXL1qfpHUt0YMIIeL8DCFjAhcXDcvOEu9BbO2oD69YDHkUq8yc2jUWnPQmF2pPsvG7Tzx_R8Xwxq4QbHOUY_k6_wVf7xisG1gkYgKW25Cduvktu7uNjKZeVAwleuvmNM8OPKUYNEuAZOF1ab9iJerP6LF8unhVDADnFP9-Eny4UWH_x_uClABfzhvrM7Ha6W3ZxQFar2fgKE-tTFwcavO1TOEqUgYYeC6lsi60E5yMxN7WwpUZzfFzBnDJLd315f--FOVtNBG-OXTl8pMA_exIZSNAZUROzKEbCbcHHjyavLzxZvnC6kMcBjbMkx5Pc483cZ2BJJLvhpdATlAe1VBeT_kUp0QZf9-ZPm0Q5GK9g5-eFtW5RwHM-Jwnk7IxC3_osRBiU5eycE94W0Ja4r5eSFcHYPFgVBYK8_3Y8lK_Q0CPZ8NObTIXoo
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FF08 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bp7Irv0HDYIHjCqaO7_UPhtGxqA4AAAAAOAHgBAI&bg=!QEOlQwfNAAY6sG-_OrA7ACkAdvg8WoRbLH2jyLH1Dz_sWqbZ8bW11n0pTNkGe3I5VGjCS7ozh0iJ_gIAAAFxUgAAAB1oAQeZAr8OSHV9NJ368UQ7Vwm6iry00U2ha00xXlTMWCIRukG1wXuVF6QkbUa5_xsYIue63fn4YeQ6PWlLT7ENjxO_OMkkiyRPEd6B7hF3F2pFUeccKJ8ant0XwFwOVEkXqu6UuRCXIgQvKyy1yg-c95JnlOLBah9UFz_Pk-rRhIWt9sF00I_chtF3NsUUj-UAyfIdzQUI0tKAgCjn3NGzQ_AtUYszsB_nIWhm6dXyDvSFFyP3yJZajyp_IEj2eOBwjZQ0X2M8zn1OPjA4LiFxB9aO_InJg5xX4pyy81tO01A2Qct_EMSJtVNpBkR87knEuyHabl3qUwyg-_MdTx0YtEyUYZuZ6DQCEwPzz0eEt-faBDS4WED97-MQhWxkPuVyTtIlh1YqlhfuAM8zhT25gLHXd_RAJkIzbjWYE4a_kiD6aRB43d7niZ5aFaSc6P_z2YKOiDCjfGsvWH55th7TP2cH1ZpImWTDqXvz_lC2h1P1DBMEdrpp6YprePzGj_58xB-UYU7TYVpCTVCn8OLk7vt51rwBzwsWs_doet7ikr9Un33hz2CL8OxuuMkLd53LD1-2tSK-wXCJcgA9A3Ebs_j6YYyYRdbWSr11SJulbO-ElPsmWpLTguHWzmOqH_L5DXGZaPTYQpJqLhPMAiGqNc4sTz_rLtoKzDf-zqdd3fNfO5AgjKSIYc94Y9L6BTfPBEmtExZtQRsPTAa0ozVgT0OUsFHrla-G7O_Vzh83qH0z9ZzYt8Jr-UuU7AmT2g3hplIjNhsjzQKc-dlFVwj3iJ-M28aluz6Cl3k4bc8DEe2GlGOcJYssxeRZ7WzVUzGivdFRJUnJH4XxADnNHfxcBCyd3BmE11UMm1CDVEGyXrBxZclMyseRhoMK6tRjNIdwzuqrlDIVn5bVIOwuYYVh4teZ8GXBlksJwxJDz1z7QckJ3471
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
controltag.js.0631b7d64dbbd3656a8b7368ad227a04
cdn.krxd.net/ctjs/ Frame 2571 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Fri, 11 Jun 2021 10:58:08 GMT
content-encoding
gzip
age
1937647
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
610854
content-length
84451
x-served-by
cache-hhn4070-HHN
last-modified
Thu, 15 Oct 2020 07:09:29 GMT
x-timer
S1623409088.404579,VS0,VE0
etag
"0631b7d64dbbd3656a8b7368ad227a04"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sun, 13 Oct 2030 07:09:28 GMT
CongstarFont.woff2
s0.2mdn.net/ads/richmedia/studio/45844501/ Frame 67BB 		102 KB
102 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/45844501/CongstarFont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/2128478866615035/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/4528516/2128478866615035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:56:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 Oct 2016 14:32:08 GMT
server
sffe
age
128
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104232
x-xss-protection
0
expires
Fri, 11 Jun 2021 11:11:00 GMT
ad_impression.gif
beacon.krxd.net/ Frame 2571 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=150618918&adid=321276318&creativeid=143874856&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by
Host: 2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
URL: https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.147.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:08 GMT
cache-control
private, no-cache, no-store
x-request-time
D=36 t=1623409088
x-served-by
beacon-n023-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
optout_check
beacon.krxd.net/ Frame 2571 		81 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.147.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1ac8a21cfd7368becaa556699a46cef48108645ade7168a7dde68c907d187a8c

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:08 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=26 t=1623409088
x-served-by
beacon-n014-dub-prod.krxd.net
content-type
text/javascript
af5fc09f-edef-481c-bfa7-696005c6deb3
consumer.krxd.net/consent/get/ Frame 2571 		221 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f38c015c70874f56e3deb74c902049d24e2de512513cddff7b03f5730cbffd82

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:08 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a004-dub-prod.krxd.net, cache-fra19134-FRA
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1623409089.514864,VS0,VE29
content-length
177
x-cache-hits
0, 0
activeview
pagead2.googlesyndication.com/pcs/ Frame 600E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7qSxMVcuczgVBp8hxCqM-IEOgsaTYKv9I8NPiQCx0HjmGJqpaXIMuifvWm0K0ihIiJQhveJozXuHjmrd11jeZOXK1iijnw1JDBawytIufEQWPMjHO4at9h1otTA&sai=AMfl-YQA-mxBz0PG42y-EbNuZwuD6uT3rePbrLvKKdPBnL53v0SRaVr5TTGUQeyEAmSD9kzRiObiL59qQowjfSjHW60ZBtk304VIDKuLrXZLDpB3secc9ynYsK-4G0hphEY&sig=Cg0ArKJSzE6C8OpqlzxDEAE&cid=CAASFeRoGezvadCWuX44JevPvr3ILoYmQg&id=lidar2&mcvt=1000&p=225,1006,479,1306&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210609&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2082884811&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1DB8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstglvvU-nSgZuQ1vgmOBnLVIpFMcD86Qb48Bs4vfxHBUZN7lwabxqYwjWlSQGzBzib7TaylgZDRhBu_mvBYAh8aWgWp1Z48U0pjctb7vV1x0KMOGBnbOqWUZQyiWQ&sai=AMfl-YSFZ5pGFIJuSGzVsHDpHtZKhCd5wwdEhb1DomlCRroUqWuWTaAPGOIyhzNP8hUeZ-vWudkYZKrZEdbE418WRC9zK_thz5CFf100_IZU22uE9ey58lJTzvWJUjh2Hn0&sig=Cg0ArKJSzAe_oEVY1sKZEAE&cid=CAASFeRosjFbUcZVCrea2WwHdFKsSfS4vw&id=lidar2&mcvt=1001&p=36,288,130,1016&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210609&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=322520512&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623409087091&dlt=32&rpt=448&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
load-cookie.html
user-sync.adxpremium.services/ Frame 5BB5 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:621d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876

Request headers

:method
GET
:authority
user-sync.adxpremium.services
:scheme
https
:path
/load-cookie.html?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shavlik40.rssing.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shavlik40.rssing.com/

Response headers

date
Fri, 11 Jun 2021 10:58:08 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
expires
0
last-modified
Fri, 26 Feb 2021 09:17:16 GMT
pragma
no-cache
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
0a9c51f13500004eebee339000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dAkVOp1G71G38GMFPYjAJMkBbuOO8Xq6%2FFrfhOOQF%2FwM8LJs57%2BBRnU%2Fv%2BNHf45E4OaGglLu6lyLryPSTc0Oap6jjbpR%2F47mI0w0FJ7AE%2FdQwuJ3f0u04gsLM%2BcFTglWyFcmDMAnQMHTvKK7K5yG%2BaR6DOX2yog%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65da52952e1f4eeb-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
check.html
biddr.brealtime.com/ Frame 3A67 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html?gdpr=1&gdpr_consent=
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://shavlik40.rssing.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shavlik40.rssing.com/

Response headers

Date
Fri, 11 Jun 2021 10:58:08 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
mE6Rd29UpOmLwstnQ2Fmx/f4CJ+2SDnof5gtz67SbQj57ghDbCs5xHEMBcqTE7HfAVsNGr7inE0=
x-amz-request-id
GJGH054WNQJASMZY
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
576
Expires
Fri, 11 Jun 2021 10:59:08 GMT
Cache-Control
public, max-age=60
cf-request-id
0a9c51f173000032b2d6a97000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
65da52958e2632b2-CDG
Content-Encoding
gzip
CookieSyncV.html
csync.smartadserver.com/diff/rtb/csync/ Frame BCAE 		1018 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3503&dcid=6&iscname=false&cname=
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486

Request headers

Host
csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://shavlik40.rssing.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shavlik40.rssing.com/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"f7993322e8eb79ecae2b39841d5f82cc:1621255706.244487"
Last-Modified
Mon, 17 May 2021 12:47:17 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=3600
Date
Fri, 11 Jun 2021 10:58:08 GMT
Content-Length
445
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame C9D7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.rssing.com
URL: https://www.rssing.com/inc2/js/prebid.js?v=v4.31.0&t=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://shavlik40.rssing.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shavlik40.rssing.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 12 Jun 2021 10:58:10 GMT
Date
Fri, 11 Jun 2021 10:58:08 GMT
Connection
keep-alive
Vary
Accept-Encoding
cookie_sync
user-sync.adxpremium.services/ Frame 5BB5 		2 KB
877 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/cookie_sync
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:621d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2380f180199a4e2e4f231e34f97ac82949a84042e792ef5532be2956b99f563d

Request headers

Referer
https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Jun 2021 10:58:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9c51f28200004eeb2912f000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6rt%2F%2Fqh7siYCduKg6HrXeVhGxAqGzwLRLiQWNIiG1S%2BBz09ICxoSfs%2FxLVs6DfiI568V9114o5xtrSRTz1IZmx7TaqdlAY9hXFLUb5yFK%2FERsiqpZZuYqA%2BIGriHD%2FYwdEpSm8gouDaD6VWTMLTERm%2F7EvPuFr8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://user-sync.adxpremium.services
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
65da52973b7b4eeb-FRA
expires
0
consent-string.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame BCAE 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/consent-string.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3503&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:08 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2021 08:08:39 GMT
server
ECS (frb/67AA)
age
10036
etag
"f720a7f2a8432d0f18de76239266413f:1623053390.510436"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
6396
TemplatePool.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame BCAE 		79 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3503&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
1804e93c7d77871d5984f3bc595a41ae25366060999363e268a4126cf2b469d7

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:08 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2021 08:09:32 GMT
server
ECS (frb/67C2)
age
10036
etag
"a072c6dc16e8a194aa1a6765717d1beb:1623053392.944265"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
3599
CookieSync.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame BCAE 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3503&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:08 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2021 08:09:33 GMT
server
ECS (frb/674C)
age
10036
etag
"5c225f0da4164867a9eba01d527131e3:1623053391.489921"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1566
CookieSyncCtrl.min.js
ec-ns.sascdn.com/diff/rtb/csync/ Frame BCAE 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec-ns.sascdn.com/diff/rtb/csync/CookieSyncCtrl.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=3503&dcid=6&iscname=false&cname=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3

Request headers

Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:08 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2021 08:09:34 GMT
server
ECS (frb/6776)
age
10036
etag
"c77fb70e5e267321a13fbe8a4c2eb33b:1623053391.858907"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1560
dt
dt.adsafeprotected.com/ Frame 600E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=695971&asId=66f77006-f994-5bcf-bb11-eb3a2bb36876&tv=%7Bc:fejpVV,pingTime:-10,time:1607,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623409088281%7C%7C22a7726678a0fdb37d59f5d2e249352d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C8ac45f836a58ff327720cc6a5096cdcd%7C%7C96a67421515f6ba3ec174ccf73536388%7C%7Cb791bafb40cf08ac774a8daffcfe8c49%7C%7C715f23dedb7b4c9336eb9afe315cc114%7C%7C36f8f4fa6d4ca6a4396dd4d1ebe72706%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bimprf:%7Bttecl:857,ecd:31,tsecr:66%7D%7D,sca:%7Bspg:dfeaddd4-b474-7725-27dc-278ae130c8ff%7D,env:%7Bgcd2:%7Bappl:1,cnst:0%7D%7D%7D
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.40.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:09 GMT
x-server-name
dt59.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sync.html
s.adtelligent.com/ Frame 7966 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=601760
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
02e89ae04433ec2555f27e543f23ba9361c23a8ad89d357ba5f8b40c83c6a231

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://user-sync.adxpremium.services/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

Server
VertaMedia 1.0
Date
Fri, 11 Jun 2021 10:58:08 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
736
Access-Control-Allow-Origin
https://user-sync.adxpremium.services
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
csync
sync.adtelligent.com/ Frame 7966
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1b8421ed-5703-4197-9554-e2f4b81529db
86 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1b8421ed-5703-4197-9554-e2f4b81529db
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:58:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:09 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1b8421ed-5703-4197-9554-e2f4b81529db
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
sq0k4vq5gcv7nvsh519n6gdbg9r3ooh9
csync
sync.adtelligent.com/ Frame 7966
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=402987595176389845
86 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=402987595176389845
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:58:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:09 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.210:80
AN-X-Request-Uuid
f05bc3c4-7ddd-44fa-8c37-bb5762925549
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=402987595176389845
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
rtb.adxpremium.services/ Frame 7966
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D
  • https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=145c60f217234705
0
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=145c60f217234705
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:621d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:09 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=v92tjJG4KfI3VSIjzj2qi%2Bh7X1%2FvPRO%2FFSHCBuYJvcLPn%2BerxjlE9%2Fjp5MWWRsJjUZn4FkRUqP2%2FKUKVCPN4YhUacIyNIlrkdjuCqI6akFNz3ziTqu9cnXHM0sFV8Vo%2FckKqGGBjv8QCYMCKFo1v0qY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
65da529a8c074eeb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0a9c51f49400004eeb048e2000000001
expires
0

Redirect headers

Location
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=145c60f217234705
Date
Fri, 11 Jun 2021 10:58:08 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
connectmyusers.php
cdn.connectad.io/ Frame AD9F 		1 KB
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user-sync.adxpremium.services/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

date
Fri, 11 Jun 2021 10:58:10 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
cf-request-id
0a9c51f62200004ab0b4aa8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65da529cffe94ab0-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1
sync-eu.connectad.io/syncer/ Frame 8315 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
sync-eu.connectad.io
:scheme
https
:path
/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.connectad.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cadsync
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.connectad.io/

Response headers

date
Fri, 11 Jun 2021 10:58:10 GMT
set-cookie
id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control
no-cache, private
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a9c51f64c00004ab0b4aad000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65da529d48844ab0-FRA
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0267 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user-sync.adxpremium.services/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=71838
expires
Sat, 12 Jun 2021 06:55:28 GMT
date
Fri, 11 Jun 2021 10:58:10 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 35CF 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=70822
expires
Sat, 12 Jun 2021 06:38:32 GMT
date
Fri, 11 Jun 2021 10:58:10 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 35CF 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=41715823&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
de77ce2b86d7850b547864161f6d4772c62631d8937414dd054bbf7dff27c761

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:09 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 9BB2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Jun 2021 10:58:10 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1538782383710088227; expires=Tue, 10 Aug 2021 10:58:10 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Fri, 11 Jun 2021 10:58:10 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Sun, 11 Jul 2021 10:58:10 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 5DC5
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=218593125325017322
42 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=218593125325017322
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=218593125325017322
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD; chkChromeAb67Sec=1; DPSync3=1624579200%3A201_197_219%7C1623456000%3A174; SyncRTB3=1624579200%3A71_21_13_7_54_3_220_161_56%7C1624665600%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Jun 2021 10:58:10 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-218593125325017322; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 10:58:10 GMT; path=/ PugT=1623409090; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 10:58:10 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Sep-2021 10:58:10 GMT; path=/
x-lat
amspug002:0:382
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=218593125325017322
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 1F76 		43 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Fri, 11 Jun 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1283
date
Fri, 11 Jun 2021 10:58:09 GMT
content-length
43
setuid
rtb.adxpremium.services/ Frame 3443 		0
634 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:621d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
rtb.adxpremium.services
:scheme
https
:path
/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 11 Jun 2021 10:58:10 GMT
content-length
0
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
set-cookie
SSCookie=1; Path=/; Expires=Thu, 09 Sep 2021 10:58:10 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJwdWJtYXRpYyI6eyJ1aWQiOiJBMjg1OTU2Ri05RjhELTRCOTAtQkYwQS1EMEQ0QjA1RDRFQUQiLCJleHBpcmVzIjoiMjAyMS0wNi0yNVQxMjo1ODoxMC4yNTExMzU1NCswMjowMCJ9fSwiYmRheSI6IjIwMjEtMDYtMTFUMTI6NTg6MTAuMjUxMTMyMjUxKzAyOjAwIn0=; Path=/; Domain=adxpremium.services; Expires=Thu, 09 Sep 2021 10:58:10 GMT; Secure; SameSite=None
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
0a9c51f6c400004eebe6835000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=36dLMr2WCUft800qQurlvAy3QfZZK1K%2BdSh5eKibXwhYdjsAyxlnzoLzpp3jesyl2WgUKBvzMX5CgtodqXtE5AsiJqlMQFx3f0ih0DTCNGKkXu2nsm7ypusKPvZbb9KhpjSdhkZZO3LQ%2FqGVkao4kmg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65da529e0c9f4eeb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 35CF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ooWVb5-NS5C_CtDUsF1OrQ%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ooWVb5-NS5C_CtDUsF1OrQ%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:10 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 06:44:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-2080-5c3aeac410031"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=71838
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
2586
expires
Sat, 12 Jun 2021 06:55:28 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 35CF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a0bd60c3-41c2-4800-8c9a-97133e09889a
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a0bd60c3-41c2-4800-8c9a-97133e09889a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 08:22:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 11 Jun 2021 10:58:10 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a0bd60c3-41c2-4800-8c9a-97133e09889a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Jun 2021 10:58:09 GMT
mw
mwzeom.zeotap.com/ Frame 35CF
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD
  • https://spl.zeotap.com/?zdid=1332&zcluid=c3ce3629d3af43b1
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=43f210c5-f10e-4a50-4219-13964541bd9c&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEIwshdqkRVkXY-Cd93w5PAM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=43f210c5-f10e-4a50-4219-139...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEIwshdqkRVkXY-Cd93w5PAM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=43f210c5-f10e-4a50-4219-13964541bd9c&zcluid=c3ce3629d3af43b1&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
65da52a1edd4c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51f92c0000c27cd7365000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEIwshdqkRVkXY-Cd93w5PAM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=43f210c5-f10e-4a50-4219-13964541bd9c&zcluid=c3ce3629d3af43b1&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 35CF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTI4NTk1NkYtOUY4RC00QjkwLUJGMEEtRDBENEIwNUQ0RUFE&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTI4NTk1NkYtOUY4RC00QjkwLUJGMEEtRDBENEIwNUQ0RUFE&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:09 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:409
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 35CF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOuqW1w77ugs_074AgiGpeQ&google_cver=1
42 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOuqW1w77ugs_074AgiGpeQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:09 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:440
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOuqW1w77ugs_074AgiGpeQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 35CF 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 10 Jun 2021 10:58:10 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 35CF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:24b460c3-41c2-4e00-a917-38fd4e0682da&gdpr=0&gdpr_consent=
42 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:24b460c3-41c2-4e00-a917-38fd4e0682da&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:10 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:524
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 11 Jun 2021 10:58:10 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:24b460c3-41c2-4e00-a917-38fd4e0682da&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Jun 2021 10:58:09 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 35CF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9039414705836210164
42 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9039414705836210164
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:10 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:540
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:10 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9039414705836210164
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 35CF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6f103a9e-7a78-460e-88cb-89c62cdec4a8
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6f103a9e-7a78-460e-88cb-89c62cdec4a8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:10 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:363
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6f103a9e-7a78-460e-88cb-89c62cdec4a8
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 35CF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8229070390064693533&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8229070390064693533&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:09 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:389
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:10 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.240:80
AN-X-Request-Uuid
aa02eabc-1bfb-4e92-9d96-23edac43d140
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8229070390064693533&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 35CF 		43 B
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
rtb.adxpremium.services/ Frame 5BB5
Redirect Chain
  • https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D
  • https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=fdXEeAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RX...
  • https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=8229070390064693533&mpk=fdXEeAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV...
  • https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=8229070390064693533
0
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=8229070390064693533
Requested by
Host: shavlik40.rssing.com
URL: https://shavlik40.rssing.com/chan-21784001/index-latest.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:621d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://user-sync.adxpremium.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Sz2HxqOlkUNj1sXe%2F9aCearHT0uS1j%2FFvp4KoiTkEFrXlEVuVJnK%2BnZGknVnHcd7yecW%2F9BqwSXZoKoC1QV285dTkT4nWLmuDwMPBrufu6RWsUqDZQk5RD8d5XC4M4uMMGSls5nqf7gATWuR1CwUk3Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
65da52a8e9084eeb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0a9c51fd9300004eebfcb4d000000001
expires
0

Redirect headers

date
Fri, 11 Jun 2021 10:58:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XeLcrieWWlC1LulyNkHvWX%2BFQO9pC2izWcp2M6OS3TXbojULzsq9grPEwgMszQi55DDvLp5bZOyAdHgY9YWSO8Q5IVwm68qvJZQCuO3ogY2IRjpBy5hrrolxlQVuZ1PHa8f%2Fa%2Ft9zbI%3D"}],"group":"cf-nel","max_age":604800}
location
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=8229070390064693533
cf-ray
65da52a658cb3250-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0a9c51fbfb00003250c9275000000001
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 67BB 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/2128478866615035/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/4528516/2128478866615035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:55:11 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
age
180
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58447
x-xss-protection
0
expires
Fri, 11 Jun 2021 11:10:11 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29953e7bf9b5020b546c1409fc4bf1b0720735414057aa408d066cd066ed1ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 10:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7964
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 11 Jun 2021 10:58:12 GMT
/
ads.us.e-planning.net/uspd/1/ Frame C489
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_...
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
18007af8bb5d0e808aa7ab149940631fd7891e2c51a79ccba97ac2d34e658e2d

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user-sync.adxpremium.services/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
CT=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

server
openresty
date
Fri, 11 Jun 2021 10:58:12 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie
E=AApEFvWppQceSuVc; path=/; domain=e-planning.net; expires=Fri, 09-Jun-2028 10:58:12 GMT; SameSite=None; Secure
expires
Fri, 11 Jun 2021 10:58:12 GMT
x-sid
AMS-739
content-encoding
gzip

Redirect headers

server
openresty
date
Fri, 11 Jun 2021 10:58:12 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
CT=1; path=/; SameSite=None; Secure
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
x-sid
AMS-739
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 0488 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shavlik40.rssing.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shavlik40.rssing.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Fri, 11 Jun 2021 10:54:29 GMT
expires
Sat, 11 Jun 2022 10:54:29 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
223
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6576 		783 B
781 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cc8c3cf5a11b48fbcec6417101dae9263ad7e60fa75d42a1ca424322daa97f52
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6OmKZ4rfCCigI3XJPIYhyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shavlik40.rssing.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shavlik40.rssing.com/

Response headers

expires
Fri, 11 Jun 2021 10:58:12 GMT
date
Fri, 11 Jun 2021 10:58:12 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-6OmKZ4rfCCigI3XJPIYhyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
pagead2.googlesyndication.com/bg/ Frame 0488 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b44eb85c6d5c5c01e075166a2ee52630b0b23ae43db3b2c4fe42ffc4e110cf2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:47:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5784
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jun 2022 10:47:59 GMT
um
u-ams02.e-planning.net/ Frame C489
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D090d7dee2996ec37
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=090d7dee2996ec37
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=090d7dee2996ec37
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:11 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=090d7dee2996ec37
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
sync.e-planning.net/ Frame C489
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1932381939
  • https://sync.1rx.io/usersync/tradedesk/6f103a9e-7a78-460e-88cb-89c62cdec4a8
  • https://sync.targeting.unrulymedia.com/csync/RX-3b997203-8933-416c-990c-de63b4816cfa-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-3b997203-8933-416c-990c-de63b4816cfa-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-3b997203-8933-416c-990c-de63b4816cfa-003&dc=1079cc634ca638f8&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-3b997203-8933-416c-990c-de63b4816cfa-003&dc=1079cc634ca638f8&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-3b997203-8933-416c-990c-de63b4816cfa-003&dc=1079cc634ca638f8&iss=1
date
Fri, 11 Jun 2021 10:58:12 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3b9972038933416c990cde63b4816cfa003
content-type
text/html
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame C489 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:11 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 10 Jun 2026 10:58:11 GMT
tm60118.js
tag.navdmp.com/ Frame C489 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm60118.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2850
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id
0a9c51fdef00002c42021c4000000001
last-modified
Wed, 18 Nov 2020 16:32:07 GMT
server
cloudflare
etag
W/"5fb54c87-2ef4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
65da52a97be42c42-FRA
expires
Fri, 11 Jun 2021 11:10:42 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame C489 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:11 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 10 Jun 2026 10:58:11 GMT
um
u-ams02.e-planning.net/ Frame C489
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D090d7dee2996ec37%26uid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D090d7dee2996ec37%26uid%3D%24%7BUID%7D&ox_sc=1
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=090d7dee2996ec37&uid=adf72298-7c45-4bc4-82c7-044e54b0019b
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=090d7dee2996ec37&uid=adf72298-7c45-4bc4-82c7-044e54b0019b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:11 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=090d7dee2996ec37&uid=adf72298-7c45-4bc4-82c7-044e54b0019b
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
gk1le1e0fuib6ckd3bcf1sa54nr2ncqh
ptag
a.audrte.com/ Frame C489 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.191.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-191-157.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
46e6b72f9594ef1af258639c2a03f299c6168d0efa897898c05adb0299a2f97f

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:58:12 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame C489 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:11 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 10 Jun 2026 10:58:11 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame C489 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D090d7dee2996ec37%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame C489
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D090d7dee2996ec37
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Fri, 11 Jun 2021 10:58:12 GMT
server
nginx/1.10.3
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame C489
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D090d7dee2996ec37%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=090d7dee2996ec37&uid=8229070390064693533
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=090d7dee2996ec37&uid=8229070390064693533
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.106:80
AN-X-Request-Uuid
fb6f2f21-9e19-492e-a4ce-379d181c41a7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=090d7dee2996ec37&uid=8229070390064693533
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame C489 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D090d7dee2996ec37%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame C489
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-B.U78O9E2uHLC6JOBdulOzSKC33qEw7mWYe0rCE-~A
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-B.U78O9E2uHLC6JOBdulOzSKC33qEw7mWYe0rCE-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-B.U78O9E2uHLC6JOBdulOzSKC33qEw7mWYe0rCE-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame C489
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D090d7dee2996ec37%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=090d7dee2996ec37&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=090d7dee2996ec37&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=090d7dee2996ec37&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
um
u-ams02.e-planning.net/ Frame C489
Redirect Chain
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D090d7dee2996ec37
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=090d7dee2996ec37&uid=02000000A841C3600F16BE7002D86210
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=090d7dee2996ec37&uid=02000000A841C3600F16BE7002D86210
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=090d7dee2996ec37&uid=02000000A841C3600F16BE7002D86210
date
Fri, 11 Jun 2021 10:57:44 GMT
server
nginx/1.20.1
content-type
text/html
content-length
145
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
test_dmp.html
s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/ Frame C489 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/test_dmp.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
usync.html
eus.rubiconproject.com/ Frame 0DAD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 11 Jun 2021 10:58:12 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Fri, 11 Jun 2021 10:58:12 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1834 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D090d7dee2996ec37%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D090d7dee2996ec37%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES; KADUSERCOOKIE=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD; chkChromeAb67Sec=1; DPSync3=1624579200%3A201_197_219%7C1623456000%3A174; SyncRTB3=1624579200%3A71_21_13_7_54_3_220_161_56%7C1624665600%3A35; KRTBCOOKIE_27=16735-uid:24b460c3-41c2-4e00-a917-38fd4e0682da&KRTB&16736-uid:24b460c3-41c2-4e00-a917-38fd4e0682da&KRTB&23019-uid:24b460c3-41c2-4e00-a917-38fd4e0682da&KRTB&23114-uid:24b460c3-41c2-4e00-a917-38fd4e0682da; PUBMDCID=3; KRTBCOOKIE_377=6810-6f103a9e-7a78-460e-88cb-89c62cdec4a8&KRTB&22918-6f103a9e-7a78-460e-88cb-89c62cdec4a8&KRTB&23031-6f103a9e-7a78-460e-88cb-89c62cdec4a8; KRTBCOOKIE_391=22924-9039414705836210164&KRTB&23263-9039414705836210164; KRTBCOOKIE_336=5844-218593125325017322; KRTBCOOKIE_80=22987-CAESEOuqW1w77ugs_074AgiGpeQ&KRTB&16514-CAESEOuqW1w77ugs_074AgiGpeQ&KRTB&23025-CAESEOuqW1w77ugs_074AgiGpeQ; PugT=1623409089; KRTBCOOKIE_57=22776-8229070390064693533; SPugT=1623399765
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=71836
expires
Sat, 12 Jun 2021 06:55:28 GMT
date
Fri, 11 Jun 2021 10:58:12 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 82EE 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D090d7dee2996ec37%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D090d7dee2996ec37%26uid%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES; KADUSERCOOKIE=A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD; chkChromeAb67Sec=1; DPSync3=1624579200%3A201_197_219%7C1623456000%3A174; SyncRTB3=1624579200%3A71_21_13_7_54_3_220_161_56%7C1624665600%3A35; KRTBCOOKIE_27=16735-uid:24b460c3-41c2-4e00-a917-38fd4e0682da&KRTB&16736-uid:24b460c3-41c2-4e00-a917-38fd4e0682da&KRTB&23019-uid:24b460c3-41c2-4e00-a917-38fd4e0682da&KRTB&23114-uid:24b460c3-41c2-4e00-a917-38fd4e0682da; PUBMDCID=3; KRTBCOOKIE_377=6810-6f103a9e-7a78-460e-88cb-89c62cdec4a8&KRTB&22918-6f103a9e-7a78-460e-88cb-89c62cdec4a8&KRTB&23031-6f103a9e-7a78-460e-88cb-89c62cdec4a8; KRTBCOOKIE_391=22924-9039414705836210164&KRTB&23263-9039414705836210164; KRTBCOOKIE_336=5844-218593125325017322; KRTBCOOKIE_80=22987-CAESEOuqW1w77ugs_074AgiGpeQ&KRTB&16514-CAESEOuqW1w77ugs_074AgiGpeQ&KRTB&23025-CAESEOuqW1w77ugs_074AgiGpeQ; PugT=1623409089; KRTBCOOKIE_57=22776-8229070390064693533; SPugT=1623399765
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D090d7dee2996ec37%26uid%3D

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=70820
expires
Sat, 12 Jun 2021 06:38:32 GMT
date
Fri, 11 Jun 2021 10:58:12 GMT
vary
Accept-Encoding
Cookie set usermatch
ssum.casalemedia.com/ Frame 4859 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D090d7dee2996ec37%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2c0ae306a77ebfb1e0ad96914507f1aa5f38b1099a98fe6d12904b29c50ae21d

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YMNBv9L1w5WVmz.gj9C4lQAA; CMPS=5214; CMPRO=1152; CMRUM3=f160c341c105a0&5860c341c105a0&2d60c341bf2760CAESEFE6_ACmuJC-YYrIfpAkg-4&e660c341c12760&2760c341c10b40&bf60c341c105a0&0860c341c12760fea27970-e000-4774-bb46-086d0e744eae&8260c341c1a8c0&4960c341c105a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|4|3|206|105|156|31|221
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1646
Expires
Fri, 11 Jun 2021 10:58:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YMNBv9L1w5WVmz.gj9C4lQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 10:58:12 GMT CMPS=5214;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 10:58:12 GMT CMPRO=1152;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 10:58:12 GMT CMST=YMNBxGDDQcQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 12 Jun 2021 10:58:12 GMT CMRUM3=2760c341c10b40&ce60c341c405a0&e660c341c12760&9c60c341c405a00&6960c341c405a0&0860c341c12760fea27970-e000-4774-bb46-086d0e744eae&0360c341c405a0&8260c341c1a8c0&4960c341c105a0&5860c341c105a0&2d60c341bf2760CAESEFE6_ACmuJC-YYrIfpAkg-4&f160c341c105a0&2e60c341c405a0&bf60c341c105a0&dd60c341c42760&1f60c341c405a00&0460c341c405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 10:58:12 GMT
/
spl.zeotap.com/ Frame 571C 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50df239441ec4902b3580b8dec706d0b57bef79aae83e5fd7befad7b2eb1d660

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=0c21c3f8-921f-4e24-661f-7a85a59525da; zsc=k%99%7CfGV%F9%EC6%F7%10%9F%92%C0%B4%E9%AD0%CF%F2%C5%A5%C5%8B%EE%9D%1B%D1%8F%18%83%9C%3BK%98%CA%00%25%1E%8D%01%BD%A8p_h%CB%DE%2A%E1%88t%7CWn%9Cn%F9%D3%08%A5%C4GzM%29%1C%0C%A64%C0v%0A%40yFK%86%B4M%9A%A0%06
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
set-cookie
zc=0c21c3f8-921f-4e24-661f-7a85a59525da; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%AA%E6%0E%A4%E4%F5%FA%EF%2F%CE%112wm%AF%11%25B%A5%CB%40%88_%A6%02%F7R%D9%C7%7F%24O%8C%B0c%1B4A%E8%E4%B0%EC%AC%E2%7C%B7%FD%13%82%A3%C2%A9%DD%BC%8A%0EI%D3%D4%B6R%DEv%E3%EF%26%BF%2A%28%DB%C4r%C3%25%3E%28%89%AA%E4H%D3%0C%AA%12%3A%E9%3AB%2B%F2%13o%BC%F8gm%1A%09%26%A5FW%94%EC%BE%26%F5%7B%90hh%0EHE%0B%1D%02Y%BD%0C%E9f%B2%F2%D6%08%9F%FC%C5%C0%A3%A3%0CT%8Av%F9Iy2%C4.i%05%FC%BD%B1%7C%17l7%21P%EA%C9%FA-NA2%CF%D2%94%2B%01%D8%11%AD%84%BC%B1%AA; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0a9c51fe320000c27cd3ade000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65da52a9ed93c27c-FRA
content-encoding
br
usync.js
eus.rubiconproject.com/ Frame 0DAD 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c34427a72c83454517d14b31a7ad99d35cd96bd62c69e8e68aa06de14b6858fc

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:58:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 21:12:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72642
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9302
Expires
Sat, 12 Jun 2021 07:08:54 GMT
khaos.jpg
token.rubiconproject.com/ Frame 0DAD 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
getuid
secure.adnxs.com/ Frame 4859 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D090d7dee2996ec37%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 4859
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4591154937601951063
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4591154937601951063
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D090d7dee2996ec37%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:12 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4591154937601951063
pragma
no-cache
date
Fri, 11 Jun 2021 10:58:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 4859
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=24b460c3-41c2-4e00-a917-38fd4e0682da&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=24b460c3-41c2-4e00-a917-38fd4e0682da&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D090d7dee2996ec37%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:12 GMT

Redirect headers

Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=24b460c3-41c2-4e00-a917-38fd4e0682da&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Jun 2021 10:58:11 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 4859 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YMNBv9L1w5WVmz-gj9C4lQAABIAAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D090d7dee2996ec37%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 4859
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D090d7dee2996ec37%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:12 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Fri, 11 Jun 2021 10:58:12 GMT
server
nginx/1.18.0
content-length
76
cookiesync
bttrack.com/pixel/ Frame 4859 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D090d7dee2996ec37%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Fri, 11 Jun 2021 10:57:47 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
noop
px.owneriq.net/ Frame 4859
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6766954921974532426&uid=Q6766954921974532426&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D090d7dee2996ec37%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
tpid=YMNBv9L1w5WVmz.gj9C4lQAA%261152
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 4859
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMNBv9L1w5WVmz.gj9C4lQAA%261152?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMNBv9L1w5WVmz.gj9C4lQAA%261152?gdpr_consent=&us_privacy=&gdpr=1
49 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMNBv9L1w5WVmz.gj9C4lQAA%261152?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D090d7dee2996ec37%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.57
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMNBv9L1w5WVmz.gj9C4lQAA%261152?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.13.19
content-length
0
expires
0
um
u-ams02.e-planning.net/ Frame 4859 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=090d7dee2996ec37&uid=YMNBv9L1w5WVmz.gj9C4lQAA%261152
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D090d7dee2996ec37%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
server
openresty
content-type
image/gif
getuid
ib.adnxs.com/ Frame 571C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 571C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=b66880fd-ef5d-44f8-b867-6143d29b66ca&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=b66880fd-ef5d-44f8-b867-6143d29b66ca&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52aa9edfc27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51fea00000c27cfd9b9000000001

Redirect headers

date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=b66880fd-ef5d-44f8-b867-6143d29b66ca&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
alt-svc
clear
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 571C 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 571C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c21c3f8-921f-4e24-661f-7a85a59525da%26reqId%3Db...
  • https://mwzeom.zeotap.com/mw?cid=6f103a9e-7a78-460e-88cb-89c62cdec4a8&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6f103a9e-7a78-460e-88cb-89c62cdec4a8&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52aa9ed6c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51fe9d0000c27ce52af000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=6f103a9e-7a78-460e-88cb-89c62cdec4a8&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 571C 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 varnish
server
nginx
x-timer
S1623409092.221822,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11577-HHN
u
dmp.v.fwmrm.net/ad/ Frame 571C 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:2::49 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 571C 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c21c3f8-921f-4e24-661f-7a85a59525da%26reqId%3Db0ce69f9-92aa-4de9-4248-5857fe0a8f88%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 571C
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=df9fbac4-d3e4-4740-a6bc-3d74dd448bff&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=df9fbac4-d3e4-4740-a6bc-3d74dd448bff&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52aacf26c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51fec10000c27ce3ad0000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=df9fbac4-d3e4-4740-a6bc-3d74dd448bff&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 571C
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=0c21c3f8-921f-4e24-661f-7a85a59525da&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=0c21c3f8-921f-4e24-661f-7a85a59525da&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=80997594525138464520344867847548925475&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=80997594525138464520344867847548925475&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52aadf39c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51fec30000c27cd73d1000000001

Redirect headers

DCS
dcs-prod-irl1-2-v008-01106029e.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
9V3V3Ou+Rr0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=80997594525138464520344867847548925475&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 571C 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 571C
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=0c21c3f8-921f-4e24-661f-7a85a59525da&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021061112-82529-0.512805001623409089-949862dba654f642546109f4a10ed56c&zdid=533&env=mWeb
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021061112-82529-0.512805001623409089-949862dba654f642546109f4a10ed56c&zdid=533&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52aa9ed7c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51fe9e0000c27ccc1db000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021061112-82529-0.512805001623409089-949862dba654f642546109f4a10ed56c&zdid=533&env=mWeb
Date
Fri, 11 Jun 2021 10:58:09 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 571C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6972488958174427275&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-...
95 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6972488958174427275&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52aa8ec8c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51fe980000c27cf0380000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6972488958174427275&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 571C 		95 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=0c21c3f8-921f-4e24-661f-7a85a59525da
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
mw
mwzeom.zeotap.com/ Frame 571C
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0c21c3f8-921f-4e24-661f-7a85a59525da&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0c21c3f8-921f-4e24-661f-7a85a59525da&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=FwcLJBupu5uGwJUct.P7M.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4d...
95 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=FwcLJBupu5uGwJUct.P7M.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52aabf13c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51feb60000c27cdf994000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
last-modified
Fri, 11 Jun 2021 10:58:12 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=FwcLJBupu5uGwJUct.P7M.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 571C 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=0c21c3f8-921f-4e24-661f-7a85a59525da&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.106 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 571C
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=0c21c3f8-921f-4e24-661f-7a85a59525da?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=f66fc8df0c296c63017bcdd5d11c4974&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92...
95 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=f66fc8df0c296c63017bcdd5d11c4974&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52ab2ff1c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51fef60000c27c97b6f000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=f66fc8df0c296c63017bcdd5d11c4974&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
cache-control
no-cache
x-server
10.45.19.200
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 571C
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-Xlq8TuZE2ooFyEUTgOy140hPOcWuw0EnRw--~A&zpartnerid=570&env=mWeb
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-Xlq8TuZE2ooFyEUTgOy140hPOcWuw0EnRw--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52aadf42c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51fec70000c27cac816000000001

Redirect headers

date
Fri, 11 Jun 2021 10:58:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-Xlq8TuZE2ooFyEUTgOy140hPOcWuw0EnRw--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 571C
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=QyOBNt78EX0O%2Bk0rWtv4SU5eIZTq1JBS%2BS41iYitP1U%3D
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=QyOBNt78EX0O%2Bk0rWtv4SU5eIZTq1JBS%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52aadf56c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51fecb0000c27c9a8af000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=QyOBNt78EX0O%2Bk0rWtv4SU5eIZTq1JBS%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 571C 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=0c21c3f8-921f-4e24-661f-7a85a59525da&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 571C 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.147.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1623409092
x-served-by
beacon-n006-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 571C 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=0c21c3f8-921f-4e24-661f-7a85a59525da&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 571C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMNBxAABs9ZHiwA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-585...
95 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMNBxAABs9ZHiwA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361&_test=YMNBxAABs9ZHiwA4
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52ab9922c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51ff410000c27c9a8be000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623409092.407490,VS0,VE0
x-served-by
cache-hhn4069-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMNBxAABs9ZHiwA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361&_test=YMNBxAABs9ZHiwA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 571C
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=24b460c3-41c2-4e00-a917-38fd4e0682da&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=24b460c3-41c2-4e00-a917-38fd4e0682da&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52ab2ff7c27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51fefb0000c27cd90e3000000001

Redirect headers

Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=24b460c3-41c2-4e00-a917-38fd4e0682da&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 11 Jun 2021 11:00:03 GMT
usermatch.gif
beacon.krxd.net/ Frame 571C
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a...
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.147.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1623409092
x-served-by
beacon-n012-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
date
Fri, 11 Jun 2021 10:58:12 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a004-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 571C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0c21c3f8-921f-4e24-661f-7a85a59525da&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0c21c3f8-921f-4e24-661f-7a85a59525da&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0c21c3f8-921f-4e24-661f-7a85a59525da&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0c21c3f8-921f-4e24-661f-7a85a59525da&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 571C
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=0c21c3f8-921f-4e24-661f-7a85a59525da&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65da52abf9cac27c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9c51ff770000c27ce9b96000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Fri, 11 Jun 2021 10:58:12 GMT
Connection
keep-alive
Content-Length
0
BK-Server
8160
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 571C 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0c21c3f8-921f-4e24-661f-7a85a59525da%26reqId%3Db0ce69f9-92aa-4de9-4248-5857fe0a8f88%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.215.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 571C 		557 B
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80abc51205bfc46151957da3dd10c9e3a5630f59f83797f5a300bdd6871c2e48

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
65da52ab1fb8c27c-FRA
date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
0a9c51feeb0000c27c97390000000001
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060901&jk=654544741757586&bg=!yMuly4_NAAY6sG-_OrA7ACkAdvg8Whiwif73XQJ-B6ebD1rffUdzJWAu22wQ81jgcSGilp_ODojKTgIAAACgUgAAAA9oAQcKAM7z_FYxnCqFD3xzwK30ZU5mzdrdI_V8B6I2R0iktMFR5uwfR6_2YRZkvk7Gy3xqY6cRnOXFkmEV814bgtnnfCSUzCkfwVyRzeRI4GvsEh9gbofHLV8U_M4VZW6LEoED2F8akupKF0N7nYKs44j3GfqTsVZMu7h-WSA7YFNFu0R7uRuMNeTC7fTmBAkr0zlcW71TlVSnRTzvalvl9fZS8qZk84WaWK7hDDM5rhQbM07A8XvHnaW1tns3ezLH9icsF07DmA4Y3XWCSvsufIlfw5kCdk8Z8sroJnD9wz7sN4O28S1OER1M5j0jWqu1yljGgXb7gDLkahIlQvv4o2ynGl-ryOFZVoCo_a42uTietUYbLAPKDfoTJisJEPCqg02GZeFGbfo1Xvzd4cIAcNdz0HvyGPEHSIxho7CCPnrEXRARl96vJwzlW275YyLJ0ZRtEP27Qs0uKVR6B6Tttptx184Z7MsH-dljhB55X8jUFflkKecKeIfuu1cz90ZnUvjpnvkVm0cIaoEfp25oJExHY09abggCH-F_tvF9Hop8mHHEP02viA1bPjMIBOTtK1CqZMa1oWGZhi1gcU0ubqW3Nxamd_DH8FDoDtSj9SyIF_wl7qxwRxVYSgWA6bbqoNw17kg02M0FdofMPcnrJcr-2j-8sxGH1dby5DKfxy3zIC7E3JDHqdnKjIPkUBbFtNJU7GAwj55qbKh7VdM235ve8sacyRXzZqUvBLEKG32zTdC8OL1l-Mqqj2FWtRtlx9BdPaUdG6_jK6e_YudBkx7QvbnzvaaBousImOHSNT95YQLLrI97QqM1RtXtrw4mDXVE4C_852oiztyM74MLFIYNR0uKZg6kNgREJCnT5jmhvfilKfLYJeH6z7nC-AgWWz8uD8Q7lueVadBc1gx5Ax4LHUcPuByfQzOcvoMTy-PI6snH7jSqLvC_A1CqOb9eFxGKAGq7B_wzJcQzB5sU9O7krAToSX30RP3m8lm76D4JujB2gC-YIdpqB2UjvsJDXI2aqnP3B0enI54bpuNI6rMcdHZ5LAFMk7Q7PblFSbHVXVP9cYb2pCS2ECkTTeD80EkBnD0ROdaO5h3kjgkkQMJetrUpVrOGhQrEBw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shavlik40.rssing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 35CF 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159760&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 08:22:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cmp
spl.zeotap.com/ Frame 571C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0c21c3f8-921f-4e24-661f-7a85a59525da&reqId=b0ce69f9-92aa-4de9-4248-5857fe0a8f88&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=0c21c3f8-921f-4e24-661f-7a85a59525da; zsc=%AA%E6%0E%A4%E4%F5%FA%EF%2F%CE%112wm%AF%11%25B%A5%CB%40%88_%A6%02%F7R%D9%C7%7F%24O%8C%B0c%1B4A%E8%E4%B0%EC%AC%E2%7C%B7%FD%13%82%A3%C2%A9%DD%BC%8A%0EI%D3%D4%B6R%DEv%E3%EF%26%BF%2A%28%DB%C4r%C3%25%3E%28%89%AA%E4H%D3%0C%AA%12%3A%E9%3AB%2B%F2%13o%BC%F8gm%1A%09%26%A5FW%94%EC%BE%26%F5%7B%90hh%0EHE%0B%1D%02Y%BD%0C%E9f%B2%F2%D6%08%9F%FC%C5%C0%A3%A3%0CT%8Av%F9Iy2%C4.i%05%FC%BD%B1%7C%17l7%21P%EA%C9%FA-NA2%CF%D2%94%2B%01%D8%11%AD%84%BC%B1%AA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0a9c51ff100000c27cf6160000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65da52ab485cc27c-FRA
cc.js
tags.crwdcntrl.net/c/15238/ Frame C489 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-64.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 08:55:07 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
7385
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 ff42f0c276df6efb8ccff2182e6cfe91.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
x4BYGE98LNuX1GytnKk3f6l10RumX7CcWJ7vUNoCmFIwhcGL3uxeXw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 59A0 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
E=AApEFvWppQceSuVc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Fri, 11 Jun 2021 10:58:12 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Wed, 10 Jun 2026 10:58:12 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame E5FC 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dddeeaaa013d8400e2a877c46f40e8e1aa041c3a3b300c46887818807fb8b81

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
content-type
text/html
set-cookie
uid=99af24bb-7b40-41a3-9300-665e50d2bbf9; expires=Thu, 01 Jul 2021 10:58:12 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0a9c51ff8300004a6ec4074000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F0SzK1OFfwtn8%2FcXDmD3QdTyi9WGI2LpM%2FiyzwMXzAExrn%2B3JsKv8c3qz8kEVeMz7sxxUpFdCKX4ZysSrweJ4aFm1pQIATfMdH1siVVpHHK5PAPeD%2BS%2B9B5Z5I0Gx%2Fqx%2Fk53zRLAqGz%2BXr4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65da52ac0b074a6e-FRA
content-encoding
br
setuid
rtb.adxpremium.services/ Frame 5FA5
Redirect Chain
  • https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID
  • https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AApEFvWppQceSuVc
0
833 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AApEFvWppQceSuVc
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:621d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
rtb.adxpremium.services
:scheme
https
:path
/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AApEFvWppQceSuVc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSCookie=1; uids=eyJ0ZW1wVUlEcyI6eyJtYXJzbWVkaWEiOnsidWlkIjoiODIyOTA3MDM5MDA2NDY5MzUzMyIsImV4cGlyZXMiOiIyMDIxLTA2LTI1VDEyOjU4OjExLjk5MzQxMTUyNiswMjowMCJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiJBMjg1OTU2Ri05RjhELTRCOTAtQkYwQS1EMEQ0QjA1RDRFQUQiLCJleHBpcmVzIjoiMjAyMS0wNi0yNVQxMjo1ODoxMC4yNTExMzU1NCswMjowMCJ9fSwiYmRheSI6IjIwMjEtMDYtMTFUMTI6NTg6MTAuMjUxMTMyMjUxKzAyOjAwIn0=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
content-length
0
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
set-cookie
SSCookie=1; Path=/; Expires=Thu, 09 Sep 2021 10:58:12 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJlcGxhbm5pbmciOnsidWlkIjoiQUFwRUZ2V3BwUWNlU3VWYyIsImV4cGlyZXMiOiIyMDIxLTA2LTI1VDEyOjU4OjEyLjgxMTgzOTY2OSswMjowMCJ9LCJtYXJzbWVkaWEiOnsidWlkIjoiODIyOTA3MDM5MDA2NDY5MzUzMyIsImV4cGlyZXMiOiIyMDIxLTA2LTI1VDEyOjU4OjExLjk5MzQxMTUyNiswMjowMCJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiJBMjg1OTU2Ri05RjhELTRCOTAtQkYwQS1EMEQ0QjA1RDRFQUQiLCJleHBpcmVzIjoiMjAyMS0wNi0yNVQxMjo1ODoxMC4yNTExMzU1NCswMjowMCJ9fSwiYmRheSI6IjIwMjEtMDYtMTFUMTI6NTg6MTAuMjUxMTMyMjUxKzAyOjAwIn0=; Path=/; Domain=adxpremium.services; Expires=Thu, 09 Sep 2021 10:58:12 GMT; Secure; SameSite=None
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
0a9c5200c300004eeb2a921000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8Gzn3YL0TDdgVbBKM4l2Je0QJRKEvtIWvdatRbJH5QTTGKS%2FKa4D1jcxnf9IXBX1Lo33wfEaNLLYd8y276qHvFr0wkzBt9tTGB6KNVTVqcvx%2BgRo%2FdappxF3%2Bv3wJo8IVFLM%2BSzR0KdFYmOwSqNDcw4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65da52ae0e814eeb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

server
openresty
date
Fri, 11 Jun 2021 10:58:12 GMT
content-type
text/html; charset=iso-8859-1
location
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AApEFvWppQceSuVc
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Fri, 11 Jun 2021 10:58:12 GMT
x-sid
AMS-739
GS.d
js.cookieless-data.com/ Frame 59A0 		0
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1623409092501
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.83.160.162 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-83-160-162.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
0
expires
Tue, 01 Jan 2000 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame E5FC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8229070390064693533
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8229070390064693533
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0LXoaPguv3BJ7Y66VmVC5tXvymFYmh6lVxo40Qj1VSRu17joImRKRp7PbRB45gTzXGJV9nC8JDcI%2FbVlliGNqUvcvjEG7eaxMAIRFe43QcbKdzRQnZLu7UAr4J1h4kxbo6eqND5O7pX0f28%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da52ad0dab4a6e-FRA
content-length
43
cf-request-id
0a9c52002100004a6ed38ad000000001

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.55:80
AN-X-Request-Uuid
69cc7ed7-0caa-40c8-a574-505fddb3f312
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8229070390064693533
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame E5FC
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=c531742f-5f83-51a2-a701-3784c7c27640
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=c531742f-5f83-51a2-a701-3784c7c27640
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wx3J2IYBxfHVbsRnQhlIeDCBBLXKc3hb3lKT%2B8aWIe51eydfZpPQy%2FAkLMiXvXx51V6blOVHtEyxPCZcgTxPa8S99pDH%2B%2BLDuEFBbEITMFpN%2B9RK5LwvDRJk35dNEmuoXHDh7jyq7WUZyds%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da52adaf644a6e-FRA
content-length
43
cf-request-id
0a9c52008600004a6ed8ba3000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=c531742f-5f83-51a2-a701-3784c7c27640
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame E5FC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8229070390064693533
43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8229070390064693533
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EIE9DNW%2BzM7zN6DtTo%2Fef64%2Bzk9Uygr5zau2ooU0%2B5wlYK9FYUpTfKWVXKX37qu5zoZIcItX9BKIm4hLLcfIl15P8yQmTfngBsJXArog1IPUkztmxjYcohmNGsGf0xgvMN5ifVeKzjTgaJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da52ad0db04a6e-FRA
content-length
43
cf-request-id
0a9c52002200004a6ee1a50000000001

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.71:80
AN-X-Request-Uuid
88ab2644-04b1-455d-b0c2-6a9ce9bf7b8b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8229070390064693533
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame E5FC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8229070390064693533
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8229070390064693533
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uKLLlcB6%2F1F88qFOU4Erts8ETSSAK4mwG4NJYry7JYMHYHOBAQVsNekcQZV4TW8suOeKo7cSqzNh0TdukhJLQ2yPk7wRVPW5VlASNgs89xI3tpOfpNm8JyM97aNIzeiATqfeRtUFa83kfCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da52ad0de94a6e-FRA
content-length
43
cf-request-id
0a9c52002a00004a6ed21ef000000001

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.12:80
AN-X-Request-Uuid
336e238e-b841-4719-9760-34075f3a2c08
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8229070390064693533
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame E5FC
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ssX6LoSHsqyf6qIfgY6YO%2FETIFym%2Fj22xtKTzMTiNq2u82GyRWcW6sQZAD%2BfCM5P5%2BdNEXwdzSWvGL8fGOqvS92Szpz6bOUrKYAbO8hYdjAiW6yCBYxj5zK7CYzdIYta1p%2BCqX3MtiNSOps%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da52ad9f3c4a6e-FRA
content-length
43
cf-request-id
0a9c52007c00004a6eee9b2000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=b455c42cce81c7fa53861e6f48f3629c12ad9dc5
Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
us
sync.go.sonobi.com/ Frame E5FC 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame E5FC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-B.U78O9E2uHLC6JOBdulOzSKC33qEw7mWYe0rCE-~A
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-B.U78O9E2uHLC6JOBdulOzSKC33qEw7mWYe0rCE-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=C%2BNyyC3jHHp0qNzvPA2ZHg1nUZT4UuzDhE9QxbjoR4cx4Tfm3PXoRFWIBYZGzYI2V0fP4e82hVBcxFQbVbE6FsQ4kg4KNZsFYPZtpyPAgQmlQrT6U0RGjc22T8mi%2FO%2BshOP7THCvsWGn4xo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da52ad0de14a6e-FRA
content-length
43
cf-request-id
0a9c52002c00004a6ed38b0000000001

Redirect headers

Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-B.U78O9E2uHLC6JOBdulOzSKC33qEw7mWYe0rCE-~A
Connection
keep-alive
Content-Length
0
um
sync.e-planning.net/ Frame E5FC 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=99af24bb-7b40-41a3-9300-665e50d2bbf9
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
server
openresty
content-type
image/gif
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame C5F5 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3646a8f198cb05e97be2d95010b965410fcdba0b99de090b8d81af39aaf4c904

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YMNBv9L1w5WVmz.gj9C4lQAA; CMPS=5214; CMPRO=1152; CMST=YMNBxGDDQcQA; CMRUM3=8260c341c1a8c0&4960c341c105a0&9c60c341c405a00&6960c341c405a0&2760c341c10b40&ce60c341c405a0&e660c341c12760&0360c341c405a0&0860c341c12760fea27970-e000-4774-bb46-086d0e744eae&1f60c341c405a00&dd60c341c42760&0460c341c427604591154937601951063&f160c341c105a0&2d60c341bf2760CAESEFE6_ACmuJC-YYrIfpAkg-4&5860c341c105a0&bf60c341c105a0&2e60c341c405a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
65|90|111|64|188|190|46|191
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1453
Expires
Fri, 11 Jun 2021 10:58:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
Connection
keep-alive
Set-Cookie
CMID=YMNBv9L1w5WVmz.gj9C4lQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 10:58:12 GMT CMPS=5214;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 10:58:12 GMT CMPRO=1152;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 10:58:12 GMT CMRUM3=8260c341c1a8c0&4060c341c405a0&5a60c341c405a0&4960c341c105a0&9c60c341c405a00&6960c341c405a0&ce60c341c405a0&2760c341c10b40&e660c341c12760&0360c341c405a0&be60c341c405a0&0860c341c12760fea27970-e000-4774-bb46-086d0e744eae&dd60c341c42760&1f60c341c405a00&0460c341c427604591154937601951063&f160c341c105a0&bc60c341c405a00&6f60c341c405a0&2d60c341bf2760CAESEFE6_ACmuJC-YYrIfpAkg-4&5860c341c105a0&4160c341c405a0&bf60c341c405a0&2e60c341c405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 10:58:12 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame DD35 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 11 Jun 2021 10:58:12 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YMNBx; path=/; domain=.go.sonobi.com
/
ssc-cms.33across.com/ps/ Frame D803 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.174 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP005
date
Fri, 11 Jun 2021 10:58:11 GMT
/
onetag-sys.com/usync/ Frame C50E 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
rum
dsum.casalemedia.com/ Frame C5F5
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623495492&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623495492&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:12 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623495492&gdpr=1
pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame C5F5
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A2B5B46AED9243C4A25F811AC9CAE2CB&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A2B5B46AED9243C4A25F811AC9CAE2CB&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:12 GMT

Redirect headers

date
Fri, 11 Jun 2021 10:58:12 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A2B5B46AED9243C4A25F811AC9CAE2CB&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 10 Jun 2021 10:58:12 GMT
match
c1.adform.net/serving/cookie/ Frame C5F5 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame C5F5
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1626001092
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1626001092
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 10:58:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 10:58:12 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1626001092
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
CookieIndex
rtb.adentifi.com/ Frame C5F5 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-128-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
getuid
ib.adnxs.com/ Frame C5F5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
getuid
secure.adnxs.com/ Frame C5F5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
index
dmp.brand-display.com/cm/api/ Frame C5F5 		43 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:12 GMT
via
1.1 google
last-modified
Fri, 11 Jun 2021 10:58:12 GMT
server
nginx/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Fri, 11 Jun 2021 10:58:13 GMT
setuid
sync.quantumdex.io/ Frame C5F5 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YMNBv9L1w5WVmz-gj9C4lQAABIAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=n55XPaBshPteVD%2FLGRLIdMd%2FFqSMj6vFe%2BYuzwoVG6wtUa3ZrloytzPK3tdhLJqjOOjsY9L4qIs7D3CQWur%2BAxlmo%2B34y1nwfNpUoTkuhwChzMXpyYe%2F6nXhTgN3aCCSEol0lokIDHBclhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65da52ad3e594a6e-FRA
content-length
43
cf-request-id
0a9c52004100004a6eeb87f000000001
ptrack
a.audrte.com/ Frame C489 		368 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=141.98.102.252&p=M1353665098&artime=2021-06-11T10:58:13.585Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGYWRzLnVzLmUtcGxhbm5pbmcubmV0JTJGZ2V0dWlkJTJGMSUyRjVhMWFkNzFkMmQ1M2EwZjUlM0ZodHRwcyUzQSUyRiUyRnJ0Yi5hZHhwcmVtaXVtLnNlcnZpY2VzJTJGc2V0dWlkJTNGYmlkZGVyJTNEZXBsYW5uaW5nJTI2Z2RwciUzRDElMjZnZHByX2NvbnNlbnQlM0QlMjZ1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=dXNlci1zeW5jLmFkeHByZW1pdW0uc2VydmljZXMv
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.191.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-191-157.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
89c0aca916a03bfc19b26fdc2439690c071e7e5d1e559fa59cf394906efbaa55

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:58:13 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
usync.html
eus.rubiconproject.com/ Frame 2E32 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://user-sync.adxpremium.services/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 11 Jun 2021 10:58:13 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 2E32 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c34427a72c83454517d14b31a7ad99d35cd96bd62c69e8e68aa06de14b6858fc

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:58:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 21:12:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72641
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9302
Expires
Sat, 12 Jun 2021 07:08:54 GMT
khaos.jpg
token.rubiconproject.com/ Frame 2E32 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
cookie
cm.adform.net/ Frame 5BB5 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://user-sync.adxpremium.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:13 GMT
server
nginx
content-length
43
content-type
image/gif
match
ps.eyeota.net/ Frame C489
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5264230086538298273
  • https://ps.eyeota.net/match?bid=kh51m51&uid=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent=
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:58:14 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Fri, 11 Jun 2021 10:58:14 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
ps.eyeota.net/pixel/bounce/ Frame C489
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent=
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:58:13 GMT
Content-Type
application/javascript
Content-Length
1218
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=kh51m51&t=ajs&uid=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent=
Date
Fri, 11 Jun 2021 10:58:13 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame C489
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm=&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent=&google_tc=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent=&google_gid=CAESENPFSiTBxOXKxr0q09qm6MM&google_cver=1
  • https://a.audrte.com/p
68 B
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.191.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-191-157.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:58:14 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 11 Jun 2021 10:58:14 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=15238/rand=261571684/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/ Frame 4CFE
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=15238/rand=261571684/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=261571684/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=261571684/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
53a3c4b7c1f98acd0c923e9b726a49e2dd30ac3987cbea148bcff421823397c5

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=15238/rand=261571684/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 11 Jun 2021 10:58:15 GMT
content-type
text/html;charset=UTF-8
content-length
1206
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.22.139
set-cookie
_cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 08-Mar-2022 10:03:00 GMT;SameSite=None;Secure _cc_id=f66fc8df0c296c63017bcdd5d11c4974;Path=/;Domain=crwdcntrl.net;Expires=Tue, 08-Mar-2022 10:03:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQSDMzS0u2SEkzSDayNEs2MzYwNE9KTkkxTTE0TDaxNDdhAIKEw47HP%2F7%2F%2F58fxIEAAMohD0E%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 08-Mar-2022 10:03:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBIOOx4HEhBAQAa0gIs";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 08-Mar-2022 10:03:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*

Redirect headers

date
Fri, 11 Jun 2021 10:58:15 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=261571684/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.1.35
set-cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
tpid=YMNBxwABtBlvnAA4&_test=YMNBxwABtBlvnAA4
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 4CFE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YMNBxwABtBlvnAA4
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YMNBxwABtBlvnAA4&_test=YMNBxwABtBlvnAA4
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YMNBxwABtBlvnAA4&_test=YMNBxwABtBlvnAA4
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=261571684/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:15 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.4.67
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:15 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623409096.713621,VS0,VE0
x-served-by
cache-hhn4069-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YMNBxwABtBlvnAA4&_test=YMNBxwABtBlvnAA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
5907
tags.bluekai.com/site/ Frame 4CFE 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=803adb3e5ab6ae85501107aa65e36f61
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=261571684/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-99-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 10:58:15 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
tpid=71107582387503281020218287848111741858
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 4CFE
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=f66fc8df0c296c63017bcdd5d11c4974&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=f66fc8df0c296c63017bcdd5d11c4974&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=71107582387503281020218287848111741858
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=71107582387503281020218287848111741858
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=261571684/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:15 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.23.26
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-irl1-2-v008-01ca38308.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
VMfGtg95TDc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=71107582387503281020218287848111741858
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usermatch.gif
beacon.krxd.net/ Frame 4CFE 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=f66fc8df0c296c63017bcdd5d11c4974
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=261571684/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.147.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 10:58:15 GMT
cache-control
private, no-cache, no-store
x-request-time
D=45 t=1623409095
x-served-by
beacon-n018-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
qmap
sync.crwdcntrl.net/ Frame 4CFE
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=22b460c3-41c7-4c00-863d-cdfeea4f2513
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=22b460c3-41c7-4c00-863d-cdfeea4f2513
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=261571684/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:15 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.13.19
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Fri, 11 Jun 2021 10:58:15 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x10
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=22b460c3-41c7-4c00-863d-cdfeea4f2513
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Jun 2021 10:58:14 GMT
tpid=4299772072640709599
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 4CFE
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/f66fc8df0c296c63017bcdd5d11c4974/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4299772072640709599
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4299772072640709599
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=261571684/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:15 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.57
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4299772072640709599
pragma
no-cache
date
Fri, 11 Jun 2021 10:58:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dc_oe=ChMIwb7dj7aP8QIVJse7CB2GaAzlEAAYACCots1EQhMIz_2sj7aP8QIVU17lCh2t0gXn;met=1;&timestamp=1623409098470;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 2571 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwb7dj7aP8QIVJse7CB2GaAzlEAAYACCots1EQhMIz_2sj7aP8QIVU17lCh2t0gXn;met=1;&timestamp=1623409098470;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 10:58:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
image.itdonga.com
URL
https://image.itdonga.com/files/2019/06/18/DSC08012.JPG
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid

Verdicts & Comments Add Verdict or Comment

360 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| rmsg function| randomString function| cp string| rs function| __tcfapi function| __uspapi object| adsbygoogle number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| adUnits object| adConfig object| googletag object| pbjs function| run_pb function| initAdserver object| _qevents object| vitag number| doan function| gtag object| dataLayer function| axrpt_img_set_src_next function| axrpt_img_set_src function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| google_tag_manager object| ggeac object| google_js_reporting_queue object| regeneratorRuntime function| __tcfapiui function| pbjsChunk object| _pbjsGlobals object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| isTouchDevice function| gtmos function| rgttfu_same function| wob function| rgttfu function| gttfu function| imgZoom function| trim function| is_emptystr function| trim_encode function| sdl function| setgVal function| setgaVal function| getgVal function| getgaVal object| __p_images function| setpImg function| getpImg function| imgZoomInt function| imgZoomReset function| imgZoomDyna function| findPositionX function| findPositionY function| get_parent_with_class function| toggle_class_for_parent_with_class function| toggle_class function| rate function| create_xmlhttprss function| sendreq function| requrl function| rareq function| rreq function| htmlset function| setHttp function| json2jsa function| jsa2urlqry function| jsa2json function| jsm2json function| testSameOrigin function| get_dim function| gtfooms function| getlangsmenu function| zing function| getlngsmenu_end function| getratings function| dogsearch_old function| dogsearch_if13 function| dogsearch function| dogsearch_end function| get_qs function| ratings_end function| star_img_cfg function| star_img function| updn_cfga function| updn_cfg function| upImg_cfg function| up_cfg function| dn_cfg function| up_cfg_old function| dn_cfg_old function| upVoteImg function| upVote function| dnVote function| hideshow function| setcookie_if_has_class function| flipdisp function| star_cfg function| setIH function| mature_cfg function| rating_cfg function| verify_chan function| verify_chan_end function| verify_item function| verify_item_end function| fill_addthis function| flipshare function| flipmenu function| flipitemdisplay function| flipdisplaystyle function| chkcheck function| chkfield function| sendjmsg function| sendmsg_end function| sendmsg function| umsgresp function| ownerreq function| owneract function| mui_tx_do function| mui_tx_do_end function| rs_msgbox_add function| rs_msgbox_rem function| checkForm function| decr_slider function| incr_slider function| goto_article function| init_slider function| img_info function| img_info_old function| imgSuitable function| copy_attr function| move_attr function| set_attr function| get_attr function| rename_attribute function| searchImage function| imgendiv function| imgendiv_old function| url_rem_scheme function| img_getsrc function| img_atshare function| safeload_img function| mark_nsfw_end function| attr_was_not_set function| lazy_handler_element function| lazy_handler_element_old object| imging_arr object| imging_endiv_arr function| instrument_imgs function| instrument_article_imgs function| instrument_article_imgs_old function| object_keys function| isOnScreen function| onTouchScroll object| addthis_config object| addthis_share number| rs_addthis_init object| share_class function| do_atinit function| url_add_scheme function| atshare function| a_img_set_src_next function| a_img_set_src function| txtNodeScriptClone function| append_inner_js function| append_js function| deploy_ad function| xrpt_img_set_src_next function| xrpt_img_set_src function| xrpt_mark_nsfw_end function| setCookie function| getCookie function| delCookie function| _ function| $ function| jQuery function| Swiper object| g367CB268B1094004A3689751E7AC568F undefined| g undefined| adscoreVerificationStatus undefined| freqms undefined| elapsed undefined| waitForAdscoreSignature function| UAParser function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| _VLIOBJ object| _mgIntExchangeNews object| AdskeeperInfC1148396 function| AdskeeperCContextBlock1148396 function| AdskeeperCMainBlock1148396 function| AdskeeperCInternalExchangeBlock1148396 function| AdskeeperCColorBlock1148396 function| AdskeeperCRejectBlock1148396 function| AdskeeperCElasticBlock1148396 function| AdskeeperCAmpRenderBlock1148396 function| AdskeeperCInternalExchangeLoggerBlock1148396 function| AdskeeperCObserverBlock1148396 function| AdskeeperCSendDimensionsBlock1148396 function| AdskeeperCAntifraudBlock1148396 function| AdskeeperCAntifraudStatisticsBlock1148396 function| AdskeeperCRtbBlock1148396 function| AdskeeperCDiscountBlock1148396 function| AdskeeperCIframeSizeChangerBlock1148396 function| AdskeeperCExternalCountersBlock1148396 function| AdskeeperCYandexTurboBlock1148396 function| AdskeeperCContentPreviewBlock1148396 function| AdskeeperCCountersBlock1148396 function| AdskeeperCGradientBlock1148396 object| onClickExcludes function| mgReject1148396 function| mgLoadAds1148396_016ad function| AdskeeperCReject1148396 function| AdskeeperLoadGoods1148396_016ad string| _mgCanonicalUri boolean| _mgPageViewEndPoint515146 string| _mgPvid boolean| mg_loaded_515146_1148396 boolean| _mgPageView515146 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| dd number| rss_indx string| rss_url object| pageinfo function| get_pi function| get_indx function| get_url function| atshare_1 function| atshare_4 function| atshare_5 function| atshare_6 function| atshare_7 function| atshare_8 function| atshare_9 function| atshare_10 function| atshare_11 function| atshare_12 function| atshare_13 object| scratch object| divel object| timg object| img object| imgq function| imgqp function| lll number| imgqc string| pubcidCookie object| gaplugins object| gaGlobal object| gaData string| tagApi object| viAPItag object| observeElementInViewport boolean| i.js.loaded boolean| i-noref.js.loaded object| ntfcSDK function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| jQuery18309052572780880632 function| vlipbChunk object| vlipb string| nobidVersion object| nobid function| vlPlayer object| $sf object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google boolean| __@@##MUH object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

29 Cookies

Domain/Path Name / Value
.adform.net/ Name: uid
Value: 9039414705836210164
.adtelligent.com/ Name: vmuid
Value: 145c60f217234705
.doubleclick.net/ Name: IDE
Value: AHWqTUkB71XHsnSOoXe5WCo7RuQMZuWoWLQBDkU1Cw5uc8fxsg_A9QpzTiZRkJWSfd4
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A285956F-9F8D-4B90-BF0A-D0D4B05D4EAD
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-218593125325017322
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-9039414705836210164&KRTB&23263-9039414705836210164
.pubmatic.com/ Name: PugT
Value: 1623409089
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-6f103a9e-7a78-460e-88cb-89c62cdec4a8&KRTB&22918-6f103a9e-7a78-460e-88cb-89c62cdec4a8&KRTB&23031-6f103a9e-7a78-460e-88cb-89c62cdec4a8
rtb.adxpremium.services/ Name: SSCookie
Value: 1
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:24b460c3-41c2-4e00-a917-38fd4e0682da&KRTB&16736-uid:24b460c3-41c2-4e00-a917-38fd4e0682da&KRTB&23019-uid:24b460c3-41c2-4e00-a917-38fd4e0682da&KRTB&23114-uid:24b460c3-41c2-4e00-a917-38fd4e0682da
.adnxs.com/ Name: uuid2
Value: 8229070390064693533
.casalemedia.com/ Name: CMID
Value: YMNBv9L1w5WVmz.gj9C4lQAA
.casalemedia.com/ Name: CMPRO
Value: 1152
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8229070390064693533
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMPS
Value: 5214
.adtelligent.com/ Name: a297253
Value: 402987595176389845
.pubmatic.com/ Name: SPugT
Value: 1623399765
.adtelligent.com/ Name: a309255
Value: 1b8421ed-5703-4197-9554-e2f4b81529db
.casalemedia.com/ Name: CMRUM3
Value: f160c341c105a0&5860c341c105a0&2d60c341bf2760CAESEFE6_ACmuJC-YYrIfpAkg-4&e660c341c12760&2760c341c10b40&bf60c341c105a0&0860c341c12760fea27970-e000-4774-bb46-086d0e744eae&8260c341c1a8c0&4960c341c105a0
.zeotap.com/ Name: zc
Value: 0c21c3f8-921f-4e24-661f-7a85a59525da
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEOuqW1w77ugs_074AgiGpeQ&KRTB&16514-CAESEOuqW1w77ugs_074AgiGpeQ&KRTB&23025-CAESEOuqW1w77ugs_074AgiGpeQ
.pubmatic.com/ Name: SyncRTB3
Value: 1624579200%3A71_21_13_7_54_3_220_161_56%7C1624665600%3A35
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1624579200%3A201_197_219%7C1623456000%3A174
.adxpremium.services/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJwdWJtYXRpYyI6eyJ1aWQiOiJBMjg1OTU2Ri05RjhELTRCOTAtQkYwQS1EMEQ0QjA1RDRFQUQiLCJleHBpcmVzIjoiMjAyMS0wNi0yNVQxMjo1ODoxMC4yNTExMzU1NCswMjowMCJ9fSwiYmRheSI6IjIwMjEtMDYtMTFUMTI6NTg6MTAuMjUxMTMyMjUxKzAyOjAwIn0=
.zeotap.com/ Name: zsc
Value: k%99%7CfGV%F9%EC6%F7%10%9F%92%C0%B4%E9%AD0%CF%F2%C5%A5%C5%8B%EE%9D%1B%D1%8F%18%83%9C%3BK%98%CA%00%25%1E%8D%01%BD%A8p_h%CB%DE%2A%E1%88t%7CWn%9Cn%F9%D3%08%A5%C4GzM%29%1C%0C%A64%C0v%0A%40yFK%86%B4M%9A%A0%06

8 Console Messages

Source Level URL
Text
console-api error URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=rssing.com(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api debug URL: https://jsc.adskeeper.com/r/s/rssing.com.1148396.js(Line 1)
Message:
[object HTMLImageElement]
console-api warning URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api debug URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32)
Message:
a: 0.001220703125 ms
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 127)
Message:
arResponse->{"pxcalls":"https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=|https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent=|https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8m1Z1LMeAYlQDOKUW5VKAkapQ&gdpr=0&gdpr_consent="}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2007e87428e4d0b7d668997663553fbc.safeframe.googlesyndication.com
3.bp.blogspot.com
4.bp.blogspot.com
a.audrte.com
a.rssing.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
apex.go.sonobi.com
apis.quantcast.mgr.consensu.org
assets.vlitag.com
audiolove.me
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
biddr.brealtime.com
blog.resistance.lt
bn01.er.bemail.it
bttrack.com
busyteacher.org
c.adskeeper.com
c1.adform.net
c2.staticflickr.com
casale-match.dotomi.com
cdn.adskeeper.co.uk
cdn.connectad.io
cdn.engine.4dsply.com
cdn.jsdelivr.net
cdn.krxd.net
cm.adform.net
cm.adskeeper.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
code.createjs.com
communities.bentley.com
community.cadence.com
community.dynamics.com
community.shavlik.com
consumer.krxd.net
cpm.adsolut.in
cs.admanmedia.com
csync.smartadserver.com
d.adroll.com
d.smopy.com
d.turn.com
d5p.de17a.com
directorsblog.nih.gov
dis.criteo.com
dishesha.net
dmp.adform.net
dmp.brand-display.com
dmp.rtbsrv.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
e2e.ti.com
ec-ns.sascdn.com
en.metal-tracker.com
engine.4dsply.com
eus.rubiconproject.com
files.ozbargain.com.au
fonts.googleapis.com
fonts.gstatic.com
gallery.yopriceville.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.emxdgt.com
i.insider.com
i1.wp.com
ib.adnxs.com
ice.360yield.com
idsync.frontend.weborama.fr
image.itdonga.com
image.yes24.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.huffingtonpost.com
img.youtube.com
js.cookieless-data.com
jsc.adskeeper.com
loadeu.exelator.com
match.adsrvr.org
media.moddb.com
ms.quantumdex.io
mwzeom.zeotap.com
nep.advangelists.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
origin2.cdn.componentsource.com
p.rfihub.com
pagead2.googlesyndication.com
panismaczna.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.sitescout.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-match.dotomi.com
prebid.a-mo.net
prg.smartadserver.com
ps.eyeota.net
px.owneriq.net
quantcast.mgr.consensu.org
rtb.adentifi.com
rtb.adxpremium.services
rtb.openx.net
rules.quantcount.com
s-img.adskeeper.com
s.adtelligent.com
s.amazon-adsystem.com
s.e-planning.net
s0.2mdn.net
s7.addthis.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
servicer.adskeeper.com
services.vlitag.com
shavlik40.rssing.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stat.ameba.jp
static.adsafeprotected.com
static1.businessinsider.com
stats.vlitag.com
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.crwdcntrl.net
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tag.navdmp.com
tag.vlitag.com
tags.bluekai.com
tags.crwdcntrl.net
tamil.samayam.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
trickbd.com
u-ams02.e-planning.net
u.footballfonts.com
ufo.approximity.com
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
user-sync.adxpremium.services
usermatch.krxd.net
v1.addthisedge.com
waldo.villagesoup.com
www.farmprogress.com
www.fide.com
www.gameinformer.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.heddels.com
www.hrw.org
www.notiziepertutti.com
www.rssing.com
z.moatads.com
ib.adnxs.com
image.itdonga.com
103.229.73.122
104.109.78.125
104.111.242.53
104.17.120.107
104.18.16.65
104.18.17.65
104.19.131.80
104.75.88.126
131.153.42.225
136.144.59.88
139.45.196.200
142.250.185.226
142.250.185.230
142.250.186.34
142.250.186.66
151.1.205.165
151.101.114.133
151.101.114.217
151.101.114.49
151.101.14.133
159.253.128.183
168.119.146.39
172.67.215.136
172.67.8.209
174.129.28.172
178.162.133.149
178.162.133.150
178.250.0.163
18.156.0.31
18.198.69.109
184.30.20.207
185.150.190.192
185.184.8.65
185.29.132.144
185.64.189.110
185.64.190.78
185.64.190.80
185.64.190.81
185.86.139.59
188.120.240.253
188.42.29.196
192.0.77.2
192.0.78.197
192.132.33.46
193.0.160.129
199.232.137.44
199.232.189.171
2.16.186.187
2.18.232.130
2.18.233.180
2.18.234.21
2.18.235.40
2.19.35.65
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.100.17.174
211.115.109.71
212.82.100.182
212.83.160.162
213.155.156.181
213.19.147.44
213.19.147.45
216.58.212.130
23.45.99.241
2600:9000:206e:6600:6:44e3:f8c0:93a1
2600:9000:211a:3800:0:5a51:64c9:c681
2600:9000:211a:8a00:9:46dc:4700:93a1
2606:2800:233:23c9:90c:111f:15f5:25b6
2606:4700:10::ac43:8ae
2606:4700:10::ac43:db6
2606:4700:20::681a:34e
2606:4700:20::681a:d0a
2606:4700:20::681a:dab
2606:4700:20::681a:eee
2606:4700:20::ac43:4597
2606:4700:3031::6815:51f2
2606:4700:3032::ac43:8c0d
2606:4700:3032::ac43:b02d
2606:4700:3033::ac43:dcda
2606:4700:3036::ac43:8f11
2606:4700::6810:5814
2606:4700::6810:7fc7
2606:4700::6810:9e11
2606:4700::6810:cf3
2606:4700:e0::ac40:621d
2607:ae80:2::49
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:12a:8000::2
2a00:1288:110:c305::8000
2a00:1450:4001:801::2008
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2001
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:7c80:0:121::2
2a02:26f0:120:39a::3126
2a02:26f0:6c00:19e::3a15
2a02:26f0:6c00:2bf::b48
2a02:26f0:6c00::210:ba1a
2a02:26f0:6c00::210:ba29
2a02:fa8:8806:12::1370
2a02:fa8:8806:20::2040
2a04:4e42::645
2a05:d018:24:b002:ebbe:4057:3491:6f67
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5142::2
3.122.214.165
3.124.13.188
3.216.128.157
3.219.191.66
34.193.191.157
34.233.101.234
34.243.30.18
34.249.16.8
34.252.147.38
34.98.67.61
35.156.10.121
35.176.232.241
35.186.253.211
35.201.81.244
35.227.248.159
35.241.40.233
37.157.2.236
37.157.6.241
37.157.6.253
37.252.173.22
37.252.173.27
45.60.31.181
45.60.33.181
46.249.52.248
5.178.65.246
5.178.65.252
5.45.86.41
51.222.80.231
51.89.9.252
52.17.241.173
52.29.14.143
52.45.128.104
52.45.55.28
52.59.102.119
52.95.118.60
54.170.215.80
54.194.226.253
54.224.40.151
54.78.251.22
62.149.0.72
66.155.71.150
66.155.71.25
67.199.253.93
68.232.35.16
69.173.144.139
72.21.206.140
72.251.249.13
76.223.111.131
77.245.57.72
80.241.218.178
85.114.159.93
85.25.213.73
87.98.239.3
88.119.160.30
88.214.206.142
89.163.159.106
99.86.241.64
008d3a58eb3ec3580224d176beb685cd9a752bd8df9d9a3373a2638ce88d77a9
02e89ae04433ec2555f27e543f23ba9361c23a8ad89d357ba5f8b40c83c6a231
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
051539dec31ebbbbef392c29413e79314ab7d04b26c1a3e0a53f08af1d722c8f
05ce236f31539b6d65bd079ff56473dc1837444d90c39131c2861b4d8c4a1439
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
093cf6102b371798506f9f2bfbcdcb9eb4622bb709ec60a2c3ebb7007167220a
0a9811049d63ea8e39cadc8482ddc8ff14b687c86d13de5c426a0302b4e698b9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b5b28e6ae35f80268f88464e3a380338becd3d9d0cf0c9b3807a9ceb9cc89f1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d684faa13c4b9d92bb521f94889068500d7d0821c20328dcaefb0a47d6dfb8e
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
0f1f3c8b41a2d891111ba7340c45b8105dfba7e83ffa9cb3d942859e6aa1cb57
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
105a0004314e788edc714f885e01fd9cc486591a1d86eda2a261e20d58b05708
111f1b12a92609af7eb2019b4c0e41b44c8f4970cc13341ed286f85ceb88df6a
1244f567e046786fd97670369f736209d24011f86fde355a7b01f1232e5dd4a2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
150cd3d3e2b3dc29de7678ba236fea98563d0a8252dad57cd9a9018db2d8a541
1739472e19280b560fe6a57cb3e3844fc934b45c811ad336ce4382bc6be092f2
17c2af45e49d12ee6a70be5a408c480a23d4820c344531d26c30890257bc0eae
18007af8bb5d0e808aa7ab149940631fd7891e2c51a79ccba97ac2d34e658e2d
1804e93c7d77871d5984f3bc595a41ae25366060999363e268a4126cf2b469d7
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1ac8a21cfd7368becaa556699a46cef48108645ade7168a7dde68c907d187a8c
1b79514e7327d6e704249dc3fa45428777045ff8d9eadf9f0f3676a732a4e122
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1d1069b3eeebfff2d32141587e8b9663c74b02a5c173e740f3bc8dcdec122f45
1d3a3d61b24c80ef6086ce8e99fe020e62718a323d1e7073210d4b9d04f470b3
1dbcf017e3268d42cd4fdb734d7f9c82ddf65d593a038407e62cf8c02de1561d
1e77f1d3db87fb1e159dd75e343e697244deabe3edcd0e93283da44355de0087
1f7e07044bfddbd2c44ef39fd9c685a7477cd89f3740466173a231841dcfa85e
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
20ae96b79ae5261035666bd241755f51ba69786c44b28aa8dab0e9d5bd6d69a9
219d99c3f8f6b7d984e154c643126f6c979ab2351c90c3470b71ce4c53b7ab9d
22b7a660c8bcc68bf3360105707fd5bacc9f44d1a4ab7a9bde633eb33db728da
2380f180199a4e2e4f231e34f97ac82949a84042e792ef5532be2956b99f563d
257ce7771b1812b07a524440c7d12547bac7218d67f63004026cdd0f018c1c77
2761fd499d4d127b3677a81f2bc1770b0ea4eb57ef014c8be0006860b93bc426
27e561ff3d9747ec9398f85778d694cae2bb77b70c047b9c17f837c1d45b4c75
28a3b77133c269f800659b8d2ce681d6fd20bbb3f028eaed3d2ada04293dc0e3
28a3c914561c1b87909bbf7b41169392b501ca4a655585ce718b43beeaa18b0f
29953e7bf9b5020b546c1409fc4bf1b0720735414057aa408d066cd066ed1ab2
2997bc14c16c7342737a75d153b49c2106d67f74f1a375229816a5dd5b5f5e0a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c0ae306a77ebfb1e0ad96914507f1aa5f38b1099a98fe6d12904b29c50ae21d
2c28f58d97a0b840502b1cbeaf7572a6f54e67abe44fedaa1d7233c1d5dbec5d
2c6b352ee76cf949d5a8e1f209492e80cd72a6fdf32ffe6fa8cac26ac7993be2
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d2ba1c4a3e6529e8500187ad103f8b798bfdab458a78f7e220d394d483b13cf
2ddef05ee7b0caa6fd9be281a5b4e53ada42bff7814578d748144f2f9181e476
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
324d38a4f88db95f565747f181b62c1928cf009804a150975b9d3197ac724693
3455274c447abb3b999d91f30d8148810768d56d3313034d9dfca74bd3834755
34e9a619897b9223115c6588f352612268c90c3d83990829768973759b0d1a6e
3646a8f198cb05e97be2d95010b965410fcdba0b99de090b8d81af39aaf4c904
36fc5362005c0957298b05c5d8f7386fe809078d5c1e2153df608157592ecf5a
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
380dc0f2b32c68f27730e2c0dcb9bab05b97103e26ba298a45d43d12979ba855
3a4b216de5c62c0596dcf6ad0eb0d7654ed55061ef55fb01f719cd5bb75eeaed
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3b85f20c9e41361bc3af9a8b329d1625b48ee4d04320c01fad645259d6b038bb
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3c4a2dd0cc83810d44e75df5de8fa9372d8809a1c25d38f5a912ad25117fe5d6
3d3d886350d9dd9c1a9796ad7b04c892f77288f5d338cc6a513ed5edd9c22265
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3db9817aad542983eb70b0f371cad4a37b48250d7de76938b88c6047f28c8b8c
3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fd4728676804bac78e7b92d149c43ef4789ce8dacbab9a44626aa7b0c1ac36a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41ab391037283a4c8256a0d8a67f9833828d253d133eb8221093fcbeb496d252
44696e0daa7b3fd65adaa7243250bfaddc9211978663a6b97e126f11636db8cf
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
454afd54dcccd555fc2c5b416ceb7181d920f79a4516df3789b0e868a2230913
46e6b72f9594ef1af258639c2a03f299c6168d0efa897898c05adb0299a2f97f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4adce11d8a9a727b1695580b0b335d7b5ec57db101744defedefae4fd061275b
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4de9dc17b589d0841ec10e0e0c08f0c126f18dced6e69236e13c4974f6e4d533
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e55511c8496c1fddc71c2aec524f85b34a54ed328b52b45dfcdbbf4bb6466e7
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50df239441ec4902b3580b8dec706d0b57bef79aae83e5fd7befad7b2eb1d660
535ad238c9a291aa3e4d7e24cf16ad7c96398bb1f9a8e3590320daab393a2262
53a3c4b7c1f98acd0c923e9b726a49e2dd30ac3987cbea148bcff421823397c5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549ab2f9c2dfdee4dbc7632d379c03972b3a1ef2e130fb17f29052e080a117fe
54e4cf5a14a346ff78681451ad4d15c99bf095e2819236dcd4eba1c1129f1e21
55d96dd958e95fc60f46d727d3deb31d285ce300275341e178f784d084fc0c11
57be5f48b1026192d7b3d26fd9e58f65192f99e1d3d7bdd4a8aa6e309f9586cd
58694600a9bb19ab424e8752ab649f1365563963d2541becd627f15045a107aa
5a90a3ecb7e28ac78bc33543cb1e12aa10734aef5c847106fdb3e9f278d5bb00
5dddeeaaa013d8400e2a877c46f40e8e1aa041c3a3b300c46887818807fb8b81
609cd16a2f8975d8a1d4aeb49ac9124fb0b3e901276284e6a3e74c8bcb4ec166
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
614a6f34caa2e73d99e4ce27ceb3eff43820816dd12f115770b1ce66a10e6262
631bc9fa39ddcdd4008398e649671ba79db3cc7c1725d7b8cd9823ec243f0a48
6acb9782052da33cacee6758f61864481e69ea55e7ff2fa7234f506c03793bc9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73d69299c112491865f0ef50e13095857800b0a5277fb5f523e5cd9e95e679f7
7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41
753ad890aa212f6b13cdcba6566985206baf5933db91bfcbe4bfd3e9ff088e03
7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
75f6903769510c169929a722b6f1fd01cb6871f61b57c0d832a93c86ad45d7ae
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7a1117ff2ebb99a928ecc4478079eebc9d3a6f616586827d1163c68b566989a2
7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78
7d37d9dee51545d0a63d919e58e51a9b8ecff8f8c75606465d859204d113756c
7d78a3acd036800a8945bad14055147cf59a7401666d6974868fa29168ac5b30
7f753e124425603d0eaca121c8341061705be9e98cbfa2073ae5421faeb56417
802b1e63831a896291891a7bae00b8a3d233bb38c9f5a4610f3abeecfbcc7297
80abc51205bfc46151957da3dd10c9e3a5630f59f83797f5a300bdd6871c2e48
8150655ef735408cc5b1b232ba13fb1d5fac6c4b9780a80d15642e02b4ecc4a9
82e0850d0c5eae20de3a67ffc7f08e25fda13edce9b264ddcb67d03918401d1f
82e28856be24f020163525712b9f055c322909341edff94ba9b483e9cee8792b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834bcb70b8df1fa7df6d4b308cbad725cd6d85b6d5b719f75b5497b6d2587433
83a2ec58ce3a538830517bb4ff957b94ab637f1ad6b7746e73eafb18e4e9f190
8427f3e98880f327b7c58593f43e056df760e2cb7c5fe5d8d4601d36e85ebe5f
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
8575558889eeb30c57d89526429a6b21b10fa4398d5a9970bad24f51278d0bd0
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
887d32d4e81d423e712c52452f7b0de97f852c5d78c54fda33b2333013646252
89c0aca916a03bfc19b26fdc2439690c071e7e5d1e559fa59cf394906efbaa55
8b22ebd3831513f7c16436da86584e07ef8cf59dd0de860603ef0c391e99b371
8cc62db75b97abb08ac7be1790ccc20f23be36da3c4314d7be3d551255b55486
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f50f32f4bfbffac18d03ff2cb705dfb0c359f238e9ad599a4ce32c4dcf00f79
902a0ba9283adc844be3330fd1f854042cc6e341efd77b109c061c58435cd2fb
94107a8c31d8a5e706e805defa4f5b486fe0d24861e36ad7372da7511f8d1b79
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
968106bd5e3b070fea7365377dc7494ff8de7c44524defc0e8e91de7e2280e28
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a34cc3acda298bfaea659208aaa48823b853b6f899422865714bce1750787ec0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56922e26bffe707e55a54e95ed17d14c972e60d41d5f0a1f0b844135c951793
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
a6ef39dd5a19e4fefa492f5f3ab6eea5f4b1b70ddd7052f57e37588c3ae857f8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a762a79bc484923a208f15c1e630015eec1547d1ea2decd80611483500a23d5e
a8c451552af69e8b4566f73f1da49782ae1bd21fcfc852ea6503350e045268a1
a9856cea465ca37fec74b8b06eea04627ecc8f155ac0957126c45d56bcf3e1dc
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abeace4266e8c0b95d5339bba7a58961c41fe2c7ce839c8ebe5d218b2c002f4a
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad50c66102938100e3ef9220b685e90ce2b4fde96658077eac2023634681bbf7
ad8c82ef074bd8dfa268f1a2598229838aa03b0b2680ba3318d5a586f78276d3
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152
b2417070d2bf6f9b3fcfa9c4b2c602d4b76067f53134dfcfd1d2a14af0655f81
b44eb85c6d5c5c01e075166a2ee52630b0b23ae43db3b2c4fe42ffc4e110cf2a
b4762c192ef2ae48da86d9314849578569b86b7e1d746b467eb1d8ab3fb37b9e
b62b04186cfc9a4527dcb4b954ef606ddeecd4ebe39af962435f7b0d58cb68d0
b845a522a9cc2a9273fa8b9b656e6afe636905116d8df6b8f3427010f09ec4c2
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be634f677ccb5ec45c00ec648b8b47529b36779c1888da92e8a6876f5a8decc7
c139af1b5fc5af7acdcff1a46649e473be03958ece51788eb0423dde4c67c013
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2423cbc3081a6d26022031366660f7900aa5cb280fd91f7a3b80777332b1a54
c34427a72c83454517d14b31a7ad99d35cd96bd62c69e8e68aa06de14b6858fc
c42f64e27f6e9edd2deaa328be7465cb135ca779f7761d723644b44248d93713
c5cef3d2006a83d93c1672697f64fd54a4fe155162142cd3d8b573b7bfc70315
c6e72b54f2b4819f3e8506b0647272f27a07f46bfac024f18c9798c94762b2ab
c6e9ce1afd5b7e4917088b710a13510de6399c7f95c29cd73334902d0b874720
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cabbde8502a6598896a3c812c89ecd99ecfb3e9ca68f632c8c9b3f2a7f6e0046
cc8c3cf5a11b48fbcec6417101dae9263ad7e60fa75d42a1ca424322daa97f52
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0255522bfc537b4e9ffa744b11a7aae4f90e122dd17fa2ca8537889082ff249
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d50c76f222ed812d0aef55d3b7fe52f4ea68565e14496a8d8e52fb290be7bc3e
d6dd3478836e21a721fa292557dbae05259b3d55d050e430d51b41b73a9c8693
d6e49595fa1bc368386b2c17457d49616b5304a9045ea1f96590ab113f1efba4
d7f2fbe414e0b79e516fec53f54d6ef6c914cea4e6ad1e804bbd762ad8332dd2
d8c3622d2bd6045cc9d85820972dbc1be5838ee2b0b18dc215a726967fc3bf85
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
d9b07f182a7010f77ebe9f05d09268aa07ffb435f4f6b15e37c442c49e01a60b
dab395a64d1a6cba64d52ecd6524989fe041021e28556459c01bdad4123ce60f
dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112
de750f5a476ca13b2ef6e73c92e936ea35a2ab057553b5c353a04040e74e1409
de7675d8eef54778b9fde2592387967cb40d1c278f44fbb2fa3143b97fbb1433
de77ce2b86d7850b547864161f6d4772c62631d8937414dd054bbf7dff27c761
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
deac8492ec6806c4b8a2ca07f7d26c5e4faf78fe6a80090c57742005daf939c2
def71a10ebaddc43aa9404a5071b8580f023260ec128cf97a20eb86990fa038e
dfe8ce0a3df3abd5e7a506f14f85f19c99a897b4a050ea4b2eead89445f25821
e05e60774d595a300c1856654ba3b059d2ba25bf262a000fa798d0358f255305
e06a514cbfd96db7eee9417490caa846dd98631e2bfba78a832bb031072e4ece
e127db06aa78d74b81800864cd6e5b2917d5836ce69ba9ec7e8f277393eac8f2
e1fb30bf5acb29621012b6283f7c3398c2ded7ac4adcc1d41eaaef6244a931dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e51b8a213ba36235303df692d1653b7a152c5d692709ac360f51bad15e44ac98
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e6bc818494c207b0e9348d0c59764d09f2952298d727766f3d0a4641e903a8ee
e913a9ae4e4243ba99dfd78bff7e1af7729fbb4cb1c192fffcb3c06b39a3721f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f144441391ff81772d6f60ba9138e81f0a78f76739f2d123aa6d09cca8920f66
f19425ffff8a0b8ca4cb14be30b3e3f1bd3dd56ba2d7899c66ec72ad0629b9c2
f19bfde9b538d1a1e4237a205dd3824d1db759a82492e442581fa9bf5aa39cef
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f38c015c70874f56e3deb74c902049d24e2de512513cddff7b03f5730cbffd82
f3ee1cdc7144e4539afae36a7be015b7d83711f150f767eff5fd896d92060aa2
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f7acfa410a7369f69bcb885968b0729da769fec20822d8bdd75720be4271538f
f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370
f84fb53333e100ebc1882efd548d38670bfe60947b4285ae3025e03ea64239d6
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5
fc198c155465e4c9387ea08982c849c6819ab02ae5a8f9fe4068014aa0d6522b
fd4adb719e4d405010452439e4c8742129a77db1c12ae1e06a0fe1a2f9590233
ffb6273334bf458133e8750475a0984a7360b978b996b611ac559c6a569e1863