urlscan.io logo urlscan.io
SecurityTrails logo

duperb-shop.ngontinh24.com Open in urlscan Pro
2606:4700:3031::6815:28fa  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://duperb.shop/
Effective URL: https://duperb-shop.ngontinh24.com/
Submission: On January 04 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 168 IPs in 12 countries across 158 domains to perform 1015 HTTP transactions. The main IP is 2606:4700:3031::6815:28fa, located in United States and belongs to CLOUDFLARENET, US. The main domain is duperb-shop.ngontinh24.com.
TLS certificate: Issued by GTS CA 1P5 on December 4th 2023. Valid for: 3 months.
This is the only time duperb-shop.ngontinh24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2600:3c00:1::... 63949 (AKAMAI-LI...)
35 2607:f8b0:400... 15169 (GOOGLE)
19 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
4 21 2607:f8b0:400... 15169 (GOOGLE)
13 35.186.236.140 15169 (GOOGLE)
1 19 2603:c020:400... 31898 (ORACLE-BM...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 54.192.51.94 16509 (AMAZON-02)
3 3.161.213.43 16509 (AMAZON-02)
3 141.95.98.65 16276 (OVH)
9 104.36.115.111 62713 (AS-PUBMATIC)
9 3.213.2.212 14618 (AMAZON-AES)
9 147.182.176.100 14061 (DIGITALOC...)
19 31 68.67.160.186 29990 (ASN-APPNEX)
1 17 3.219.128.200 14618 (AMAZON-AES)
9 34.120.63.153 396982 (GOOGLE-CL...)
22 34.149.50.64 396982 (GOOGLE-CL...)
9 2607:f350:3:2... 27630 (AS-XFERNET)
17 34.227.125.34 14618 (AMAZON-AES)
2 22 147.28.129.140 54825 (PACKET)
1 35 54.68.105.82 16509 (AMAZON-02)
9 2602:803:c002... 26667 (RUBICONPR...)
3 16 35.186.253.211 15169 (GOOGLE)
1 19 159.89.246.130 14061 (DIGITALOC...)
1 13.225.195.72 16509 (AMAZON-02)
4 3.232.158.174 14618 (AMAZON-AES)
1 2a04:4e42:600... 54113 (FASTLY)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 2620:100:a001::4 19750 (AS-CRITEO)
1 13.225.195.75 16509 (AMAZON-02)
1 2600:9000:21a... 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
9 3.161.212.32 16509 (AMAZON-02)
2 52.85.107.191 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
97 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
3 23.220.132.230 16625 (AKAMAI-AS)
6 11 35.244.154.8 396982 (GOOGLE-CL...)
1 5 107.178.254.65 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 3 52.26.6.186 16509 (AMAZON-02)
1 35.190.39.111 15169 (GOOGLE)
3 5 2600:1f1c:a99... 16509 (AMAZON-02)
2 35.169.211.189 14618 (AMAZON-AES)
4 10 2607:f8b0:400... 15169 (GOOGLE)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
6 24 35.244.159.8 15169 (GOOGLE)
4 2607:f8b0:402... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2620:100:a001... 19750 (AS-CRITEO)
2 20 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
3 28 52.46.151.131 16509 (AMAZON-02)
3 6 2600:1f18:4e9... 14618 (AMAZON-AES)
23 25 35.71.131.137 16509 (AMAZON-02)
23 75 172.253.122.156 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.253.63.148 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 2600:9000:269... 16509 (AMAZON-02)
1 52.19.72.183 16509 (AMAZON-02)
1 104.244.42.3 13414 (TWITTER)
18 19 35.211.178.172 15169 (GOOGLE)
4 4 35.214.246.118 15169 (GOOGLE)
19 20 69.194.240.13 26120 (RHYTHMONE)
5 5 2620:112:f002... 6336 (TURN-US-ASN)
4 4 2600:9000:215... 16509 (AMAZON-02)
4 12 51.222.239.230 16276 (OVH)
5 5 34.150.170.96 396982 (GOOGLE-CL...)
2 6 35.208.249.213 15169 (GOOGLE)
12 12 64.202.112.127 22075 (AS-OUTBRAIN)
7 8 216.22.16.52 30633 (LEASEWEB-...)
4 9 107.23.135.200 14618 (AMAZON-AES)
16 23.50.125.215 16625 (AKAMAI-AS)
7 10 198.148.27.131 19189 (PULSEPOINT)
5 7 35.71.139.29 16509 (AMAZON-02)
10 2607:f8b0:400... 15169 (GOOGLE)
9 54.147.254.41 14618 (AMAZON-AES)
11 13 34.200.65.202 14618 (AMAZON-AES)
15 54.87.127.173 14618 (AMAZON-AES)
2 2 5.161.188.99 213230 (HETZNER-C...)
7 7 54.198.173.106 14618 (AMAZON-AES)
6 6 52.7.115.38 14618 (AMAZON-AES)
1 2 169.197.150.8 398989 (DEEPINTENT)
6 6 185.167.164.43 198622 (ADFORM)
7 23.193.120.208 16625 (AKAMAI-AS)
1 1 211.120.53.202 4694 (IDCF IDC ...)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
6 6 184.25.43.188 16625 (AKAMAI-AS)
2 43 172.66.41.9 13335 (CLOUDFLAR...)
8 23.50.124.22 16625 (AKAMAI-AS)
3 19 184.84.136.23 16625 (AKAMAI-AS)
12 12 2606:ae80:147... 25751 (VALUECLICK)
3 162.19.138.117 16276 (OVH)
1 3.161.213.66 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
25 47 69.173.151.100 26667 (RUBICONPR...)
2 23.40.207.41 20940 (AKAMAI-ASN1)
1 4 104.36.113.112 62713 (AS-PUBMATIC)
1 34.111.60.239 396982 (GOOGLE-CL...)
16 21 162.19.138.118 16276 (OVH)
1 142.251.16.156 15169 (GOOGLE)
1 67.220.226.238 16509 (AMAZON-02)
10 10 52.7.200.174 14618 (AMAZON-AES)
3 4 23.92.190.69 32475 (SINGLEHOP...)
1 1 2600:9000:21a... 16509 (AMAZON-02)
2 3 2600:9000:215... 16509 (AMAZON-02)
2 54.192.51.9 16509 (AMAZON-02)
1 23.40.207.64 20940 (AKAMAI-ASN1)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 139.162.84.221 63949 (AKAMAI-LI...)
4 4 20.127.253.7 8075 (MICROSOFT...)
3 3 69.90.254.78 13768 (COGECO-PEER1)
3 3 54.209.20.238 14618 (AMAZON-AES)
2 2 38.98.69.175 174 (COGENT-174)
1 1 20.253.86.149 8075 (MICROSOFT...)
2 2 23.222.5.87 20940 (AKAMAI-ASN1)
1 141.226.124.48 200478 (TABOOLA-AS)
1 2 23.50.125.47 16625 (AKAMAI-AS)
1 5 216.22.16.57 30633 (LEASEWEB-...)
30 40 104.36.113.107 62713 (AS-PUBMATIC)
22 34 162.248.18.32 62713 (AS-PUBMATIC)
2 3.217.69.99 14618 (AMAZON-AES)
8 14 34.111.113.62 396982 (GOOGLE-CL...)
1 40.76.134.238 8075 (MICROSOFT...)
3 6 104.36.113.111 62713 (AS-PUBMATIC)
2 4 3.223.218.249 14618 (AMAZON-AES)
2 2 178.250.1.9 44788 (ASN-CRITE...)
1 202.233.84.1 131957 (MICROAD M...)
7 18 104.18.36.155 13335 (CLOUDFLAR...)
1 2 67.202.105.31 32748 (STEADFAST)
1 67.202.105.33 32748 (STEADFAST)
1 1 2600:1f18:765... 14618 (AMAZON-AES)
4 4 2607:f350:3:2... 27630 (AS-XFERNET)
4 4 174.137.133.32 27257 (WEBAIR-IN...)
7 8 23.92.190.68 32475 (SINGLEHOP...)
1 2 63.251.28.133 13789 (INTERNAP-...)
1 1 8.2.110.161 46636 (NATCOWEB)
10 12 199.38.167.131 54312 (ROCKETFUEL)
1 1 52.204.206.150 14618 (AMAZON-AES)
7 16 67.202.105.24 32748 (STEADFAST)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
2 2 192.132.33.67 18568 (BIDTELLECT)
3 3 74.119.119.150 19750 (AS-CRITEO)
1 3.224.6.94 14618 (AMAZON-AES)
1 52.203.254.189 14618 (AMAZON-AES)
2 23.205.106.182 20940 (AKAMAI-ASN1)
1 104.16.112.121 13335 (CLOUDFLAR...)
10 67.205.191.172 14061 (DIGITALOC...)
1 2600:9000:215... 16509 (AMAZON-02)
1 3.229.125.131 14618 (AMAZON-AES)
12 12 52.202.180.1 14618 (AMAZON-AES)
8 8 13.225.195.65 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 44.210.41.244 14618 (AMAZON-AES)
1 1 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 23.21.51.122 14618 (AMAZON-AES)
4 4 207.198.113.87 13768 (COGECO-PEER1)
2 172.64.152.89 13335 (CLOUDFLAR...)
12 172.253.63.154 15169 (GOOGLE)
1 52.31.131.200 16509 (AMAZON-02)
2 54.192.51.76 16509 (AMAZON-02)
3 2600:1408:c40... 20940 (AKAMAI-ASN1)
3 8 168.119.72.236 24940 (HETZNER-AS)
2 2 23.105.12.136 30633 (LEASEWEB-...)
2 2 2606:4700:1::... 13335 (CLOUDFLAR...)
2 2 37.157.6.254 198622 (ADFORM)
1 1 47.252.78.131 45102 (ALIBABA-C...)
2 2 82.145.213.8 39832 (NO-OPERA)
1 1 172.240.155.116 7979 (SERVERS-COM)
2 2 35.207.24.140 15169 (GOOGLE)
5 34.117.239.71 396982 (GOOGLE-CL...)
1 3.161.213.19 16509 (AMAZON-02)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 18.215.90.210 14618 (AMAZON-AES)
1 1 147.135.71.152 16276 (OVH)
2 4 44.206.92.227 14618 (AMAZON-AES)
1 54.192.51.42 16509 (AMAZON-02)
1 2 38.68.201.140 174 (COGENT-174)
2 2 45.137.176.88 60350 (VP)
1 1 107.21.19.202 14618 (AMAZON-AES)
1 1 23.108.102.14 59253 (LEASEWEB-...)
1 3.227.185.122 14618 (AMAZON-AES)
1 2607:4f00:925... 55081 (24SHELLS)
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
2 3 131.153.203.243 20454 (SSASN2)
1 2 131.153.242.59 19437 (SS-ASH)
2 2 96.46.186.59 7979 (SERVERS-COM)
1 104.36.115.123 62713 (AS-PUBMATIC)
1 69.173.151.96 26667 (RUBICONPR...)
1 1 52.20.53.186 14618 (AMAZON-AES)
1 10 54.192.51.7 16509 (AMAZON-02)
3 23.227.146.18 55081 (24SHELLS)
1 1 131.153.172.94 19437 (SS-ASH)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
2 2600:1f18:ed:... 14618 (AMAZON-AES)
1 1 34.160.19.107 396982 (GOOGLE-CL...)
1 199.38.167.154 54312 (ROCKETFUEL)
2 2 213.19.162.90 26667 (RUBICONPR...)
9 9 134.122.57.34 14061 (DIGITALOC...)
2 3 151.101.130.49 54113 (FASTLY)
2 2 173.231.178.116 32475 (SINGLEHOP...)
1 1 192.96.203.13 30633 (LEASEWEB-...)
2 2 216.200.232.253 30419 (MEDIAMATH...)
2 2 184.26.74.213 16625 (AKAMAI-AS)
1 1 172.105.221.240 63949 (AKAMAI-LI...)
1 2 34.202.106.150 14618 (AMAZON-AES)
1 54.90.34.250 14618 (AMAZON-AES)
1 52.45.141.6 14618 (AMAZON-AES)
1 13.225.195.104 16509 (AMAZON-02)
1 2 54.156.26.12 14618 (AMAZON-AES)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 34.193.243.45 14618 (AMAZON-AES)
1 13.58.246.115 16509 (AMAZON-02)
3 13.225.195.109 16509 (AMAZON-02)
2 35.244.193.51 ()
1015 168
1    2606:4700:3031::ac43:8c7d (United States)

ASN13335 (CLOUDFLARENET, US)
duperb.shop
5    2606:4700:3031::6815:28fa (United States)

ASN13335 (CLOUDFLARENET, US)
duperb-shop.ngontinh24.com
1    2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2600:3c00:1::2d4f:f28f (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
monu.delivery
35    2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
19    2607:f8b0:4004:c06::8a (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    2607:f8b0:4004:c1d::71 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
21    2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
13    35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com
imps.monu.delivery
19    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
monumetric.technoratimedia.com
sync.technoratimedia.com
2    2606:4700:4400::6812:2b5a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    54.192.51.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-94.yul62.r.cloudfront.net
config.aps.amazon-adsystem.com
3    3.161.213.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-43.yul62.r.cloudfront.net
client.aps.amazon-adsystem.com
aa.agkn.com
3    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
api.id5-sync.com
id5-sync.com
9    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
9    3.213.2.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-2-212.compute-1.amazonaws.com
hb.minutemedia-prebid.com
9    147.182.176.100 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
prebid.cootlogix.com
31    68.67.160.186 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
17    3.219.128.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-128-200.compute-1.amazonaws.com
ads.yieldmo.com
9    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
22    34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
9    2607:f350:3:2569:0:10:0:a (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
17    34.227.125.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-125-34.compute-1.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
22    147.28.129.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
35    54.68.105.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-105-82.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
visitor-us-west-2.omnitagjs.com
9    2602:803:c002:200::43 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
16    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
19    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
x.serverbid.com
1    13.225.195.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-72.yul62.r.cloudfront.net
js.gumgum.com
4    3.232.158.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-158-174.compute-1.amazonaws.com
btlr.sharethrough.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
3    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    13.225.195.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-75.yul62.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:21a2:aa00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
9    3.161.212.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-212-32.yul62.r.cloudfront.net
aax.amazon-adsystem.com
2    52.85.107.191 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-107-191.yul62.r.cloudfront.net
c.amazon-adsystem.com
4    2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
97    2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
3    23.220.132.230 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-132-230.deploy.static.akamaitechnologies.com
stags.bluekai.com
x.dlx.addthis.com
11    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
5    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    52.26.6.186 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-6-186.us-west-2.compute.amazonaws.com
loadus.exelator.com
load.exelator.com
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
5    2600:1f1c:a99:832c:cd3f:57:d0bc:dbb2 (San Jose, United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
cms.quantserve.com
2    35.169.211.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-211-189.compute-1.amazonaws.com
bcp.crwdcntrl.net
10    2607:f8b0:4004:c09::67 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
24    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
u.openx.net
bloggernetwork-d.openx.net
4    2607:f8b0:4023:1413::78 (Columbus, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
5    2607:f8b0:4004:c0b::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
20    2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
7    2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
9    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
28    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    2600:1f18:4e9:5a05:6096:7d74:cf85:e5f3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
25    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
75    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
cm.g.doubleclick.net
www.googletagservices.com
1    2607:f8b0:4004:c09::8b (Ashburn, United States)

ASN15169 (GOOGLE, US)
mts0.google.com
1    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    172.253.63.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f148.1e100.net
ad.doubleclick.net
1    2600:9000:215f:4a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:9000:269f:9400:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
1    52.19.72.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-72-183.eu-west-1.compute.amazonaws.com
nmcsync.imrworldwide.com
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
19    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
4    35.214.246.118 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 118.246.214.35.bc.googleusercontent.com
csync.loopme.me
20    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    2600:9000:215f:a000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
12    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
5    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
6    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
gtrace.mediago.io
12    64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
8    216.22.16.52 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
9    107.23.135.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-135-200.compute-1.amazonaws.com
match.sharethrough.com
16    23.50.125.215 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-125-215.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
10    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
7    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
10    2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
9    54.147.254.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-254-41.compute-1.amazonaws.com
protected-by.clarium.io
13    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
15    54.87.127.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-127-173.compute-1.amazonaws.com
usersync.gumgum.com
2    5.161.188.99 (Ashburn, United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.99.188.161.5.clients.your-server.de
sync-dmp.mobtrakk.com
7    54.198.173.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-173-106.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    52.7.115.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-115-38.compute-1.amazonaws.com
sync.ipredictive.com
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
6    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
7    23.193.120.208 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-193-120-208.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    211.120.53.202 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
6    184.25.43.188 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-43-188.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
43    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3070.infolinks.com
8    23.50.124.22 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-124-22.deploy.static.akamaitechnologies.com
contextual.media.net
19    184.84.136.23 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-84-136-23.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
hblg.media.net
cs.media.net
12    2606:ae80:1471:16::760 (United States)

ASN25751 (VALUECLICK, US)
pulsepoint-match.dotomi.com
dclk-match.dotomi.com
pubmatic-match.dotomi.com
33across-match.dotomi.com
3    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    3.161.213.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-66.yul62.r.cloudfront.net
cdn.mediago.io
1    2607:f8b0:4004:c06::94 (Washington, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
47    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
2    23.40.207.41 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-207-41.deploy.static.akamaitechnologies.com
pxlclnmdecom-a.akamaihd.net
4    104.36.113.112 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    34.111.60.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.60.111.34.bc.googleusercontent.com
images.mediago.io
21    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
googleads4.g.doubleclick.net
1    67.220.226.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
10    52.7.200.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-200-174.compute-1.amazonaws.com
match.prod.bidr.io
4    23.92.190.69 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    2600:9000:21a2:4a00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
3    2600:9000:215f:d200:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
2    54.192.51.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-9.yul62.r.cloudfront.net
sync1.intentiq.com
1    23.40.207.64 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-207-64.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    139.162.84.221 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1564-221.members.linode.com
a.c.appier.net
4    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
3    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
3    54.209.20.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-20-238.compute-1.amazonaws.com
pm.w55c.net
2    38.98.69.175 (North Bergen, United States)

ASN174 (COGENT-174, US)
aep.mxptint.net
1    20.253.86.149 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
2    23.222.5.87 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-5-87.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
1    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    23.50.125.47 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-125-47.deploy.static.akamaitechnologies.com
sync.teads.tv
5    216.22.16.57 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
40    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
34    162.248.18.32 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    3.217.69.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-69-99.compute-1.amazonaws.com
rtb.adentifi.com
14    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
6    104.36.113.111 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
4    3.223.218.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-218-249.compute-1.amazonaws.com
ice.360yield.com
ad.360yield.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
18    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
2    67.202.105.31 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
1    67.202.105.33 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
hde.tynt.com
1    2600:1f18:765:4800:7681:18d0:4c60:ba77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pxl.iqm.com
4    2607:f350:3:2569:0:10:0:c (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
8    23.92.190.68 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    63.251.28.133 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
1    8.2.110.161 (United States)

ASN46636 (NATCOWEB, US)
cm-x.mgid.com
12    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
1    52.204.206.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-206-150.compute-1.amazonaws.com
ssp.disqus.com
16    67.202.105.24 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
2    192.132.33.67 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.67.bidtellect.com
bttrack.com
3    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    3.224.6.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-6-94.compute-1.amazonaws.com
cs.minutemedia-prebid.com
1    52.203.254.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-254-189.compute-1.amazonaws.com
exchange.mediavine.com
2    23.205.106.182 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-106-182.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
1    104.16.112.121 (None, )

ASN13335 (CLOUDFLARENET, US)
cs.seedtag.com
10    67.205.191.172 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.cootlogix.com
1    2600:9000:215f:3e00:1b:fdeb:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.serverbid.com
1    3.229.125.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-125-131.compute-1.amazonaws.com
sync-pm.ads.yieldmo.com
12    52.202.180.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-180-1.compute-1.amazonaws.com
i.liadm.com
8    13.225.195.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-65.yul62.r.cloudfront.net
live.rezync.com
2    2606:4700::6813:9f13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
2    44.210.41.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-41-244.compute-1.amazonaws.com
bpi.rtactivate.com
1    2606:4700:4400::ac40:97ee (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
1    23.21.51.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-51-122.compute-1.amazonaws.com
aorta.clickagy.com
4    207.198.113.87 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
12    172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net
www.googleadservices.com
1    52.31.131.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-131-200.eu-west-1.compute.amazonaws.com
synchrobox.adswizz.com
2    54.192.51.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-76.yul62.r.cloudfront.net
cdn.adswizz.com
delivery-cdn-cf.adswizz.com
3    2600:1408:c400:6b::17db:9a12 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
8    168.119.72.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.236.72.119.168.clients.your-server.de
sync.richaudience.com
2    23.105.12.136 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
2    2606:4700:1::6813:824c (United States)

ASN13335 (CLOUDFLARENET, US)
cm.mgid.com
2    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    172.240.155.116 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
5    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
1    3.161.213.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-19.yul62.r.cloudfront.net
api.intentiq.com
3    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    18.215.90.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-90-210.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    147.135.71.152 (United States)

ASN16276 (OVH, FR)
PTR: ns105964.ip-147-135-71.us
tracker.exchange.amitydigital.io
4    44.206.92.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-92-227.compute-1.amazonaws.com
dpm.demdex.net
1    54.192.51.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-42.yul62.r.cloudfront.net
api-2-0.spot.im
2    38.68.201.140 (Ashburn, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
2    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    107.21.19.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-19-202.compute-1.amazonaws.com
jadserve.postrelease.com
1    23.108.102.14 (Jurong Town, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
inv-nets.admixer.net
1    3.227.185.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-185-122.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    2607:4f00:925:0:3eec:efff:fed0:87d6 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.spotim.market
1    2600:1408:c400:6b::17db:9a0a (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
3    131.153.203.243 (United States)

ASN20454 (SSASN2, US)
id.a-mx.com
2    131.153.242.59 (United States)

ASN19437 (SS-ASH, US)
c3.a-mo.net
id.rtb.mx
2    96.46.186.59 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    104.36.115.123 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
1    69.173.151.96 (United States)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    52.20.53.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-53-186.compute-1.amazonaws.com
sync.crwdcntrl.net
10    54.192.51.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-7.yul62.r.cloudfront.net
synchroscript.deliveryengine.adswizz.com
3    23.227.146.18 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.spotim.market
1    131.153.172.94 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
2    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
2    2600:1f18:ed:550e:4627:d3aa:1545:e04b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    34.160.19.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    199.38.167.154 (United States)

ASN54312 (ROCKETFUEL, US)
ewr-495.ewr-rtb1.rfihub.com
2    213.19.162.90 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
9    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    173.231.178.116 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-8.sys.adgear.com
cm.adgrx.com
1    192.96.203.13 (Dunellen, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
2    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    184.26.74.213 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-26-74-213.deploy.static.akamaitechnologies.com
px.owneriq.net
1    172.105.221.240 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-240.members.linode.com
gocm.c.appier.net
2    34.202.106.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-106-150.compute-1.amazonaws.com
thrtle.com
1    54.90.34.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-34-250.compute-1.amazonaws.com
crb.kargo.com
1    52.45.141.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-141-6.compute-1.amazonaws.com
sync.bfmio.com
1    13.225.195.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-104.yul62.r.cloudfront.net
sb.scorecardresearch.com
2    54.156.26.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-26-12.compute-1.amazonaws.com
ps.eyeota.net
1    2600:1f18:612b:4264:df:b383:583f:64cb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
1    34.193.243.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-243-45.compute-1.amazonaws.com
beacon.krxd.net
1    13.58.246.115 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-246-115.us-east-2.compute.amazonaws.com
secure-us.imrworldwide.com
3    13.225.195.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-109.yul62.r.cloudfront.net
choices.trustarc.com
2    35.244.193.51 (None, )

ASN- ()
lexicon.33across.com
Apex Domain
Subdomains		 Transfer
139 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
1 MB
110 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
ad.doubleclick.net — Cisco Umbrella Rank: 199
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677
597 KB
101 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766
ads.pubmatic.com — Cisco Umbrella Rank: 811
image6.pubmatic.com — Cisco Umbrella Rank: 1215
image2.pubmatic.com — Cisco Umbrella Rank: 1555
image8.pubmatic.com — Cisco Umbrella Rank: 1098
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
image4.pubmatic.com — Cisco Umbrella Rank: 2201
ow.pubmatic.com — Cisco Umbrella Rank: 2373
simage4.pubmatic.com — Cisco Umbrella Rank: 1864
81 KB
81 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
eus.rubiconproject.com — Cisco Umbrella Rank: 951
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1520
token.rubiconproject.com — Cisco Umbrella Rank: 744
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 2017
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1222
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2989
157 KB
43 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 8093
router.infolinks.com — Cisco Umbrella Rank: 4633
rt3070.infolinks.com — Cisco Umbrella Rank: 92787
113 KB
42 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1007
oajs.openx.net — Cisco Umbrella Rank: 2214
google-bidout-d.openx.net — Cisco Umbrella Rank: 2217
us-u.openx.net — Cisco Umbrella Rank: 930
u.openx.net — Cisco Umbrella Rank: 1108
bloggernetwork-d.openx.net — Cisco Umbrella Rank: 133083
7 KB
42 amazon-adsystem.com
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
client.aps.amazon-adsystem.com — Cisco Umbrella Rank: 18035
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923
91 KB
36 media.net
prebid.media.net — Cisco Umbrella Rank: 1682
contextual.media.net — Cisco Umbrella Rank: 1093
warp.media.net — Cisco Umbrella Rank: 3492
lg3.media.net — Cisco Umbrella Rank: 7860
hblg.media.net — Cisco Umbrella Rank: 2922
cs.media.net — Cisco Umbrella Rank: 1972
223 KB
35 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3973
visitor.omnitagjs.com — Cisco Umbrella Rank: 1124
visitor-us-west-2.omnitagjs.com — Cisco Umbrella Rank: 6882
18 KB
33 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2297
js.gumgum.com — Cisco Umbrella Rank: 7595
rtb.gumgum.com — Cisco Umbrella Rank: 2293
usersync.gumgum.com — Cisco Umbrella Rank: 3044
60 KB
31 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
secure.adnxs.com — Cisco Umbrella Rank: 793
23 KB
30 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1187
www.google.com — Cisco Umbrella Rank: 6
mts0.google.com — Cisco Umbrella Rank: 7251
137 KB
26 id5-sync.com
api.id5-sync.com — Cisco Umbrella Rank: 19246
cdn.id5-sync.com — Cisco Umbrella Rank: 1218
id5-sync.com — Cisco Umbrella Rank: 658
93 KB
25 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1511
cdn-ima.33across.com — Cisco Umbrella Rank: 1919
events-ssc.33across.com — Cisco Umbrella Rank: 2724
lexicon.33across.com
14 KB
25 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
12 KB
25 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1119
assets.a-mo.net — Cisco Umbrella Rank: 2362
c3.a-mo.net — Cisco Umbrella Rank: 23601
18 KB
23 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 2270
cs.seedtag.com — Cisco Umbrella Rank: 14340
17 KB
20 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3547
sync.serverbid.com — Cisco Umbrella Rank: 23574
x.serverbid.com — Cisco Umbrella Rank: 16983
6 KB
19 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
9 KB
19 cootlogix.com
prebid.cootlogix.com — Cisco Umbrella Rank: 6397
sync.cootlogix.com — Cisco Umbrella Rank: 4443
21 KB
19 technoratimedia.com
monumetric.technoratimedia.com — Cisco Umbrella Rank: 70940
sync.technoratimedia.com — Cisco Umbrella Rank: 3411
12 KB
18 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
ssum.casalemedia.com — Cisco Umbrella Rank: 2058
dsum.casalemedia.com — Cisco Umbrella Rank: 2867
13 KB
18 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 13277
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004
csync.smartadserver.com — Cisco Umbrella Rank: 4310
sync.smartadserver.com — Cisco Umbrella Rank: 2055
27 KB
18 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
7 KB
18 gstatic.com
csi.gstatic.com
fonts.gstatic.com
www.gstatic.com
195 KB
18 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 1057
sync-pm.ads.yieldmo.com — Cisco Umbrella Rank: 18150
7 KB
17 monu.delivery
monu.delivery — Cisco Umbrella Rank: 49947
imps.monu.delivery — Cisco Umbrella Rank: 61418
185 KB
14 liadm.com
i.liadm.com — Cisco Umbrella Rank: 979
i6.liadm.com — Cisco Umbrella Rank: 4366
8 KB
14 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 845
2 KB
13 adswizz.com
synchrobox.adswizz.com — Cisco Umbrella Rank: 15947
cdn.adswizz.com — Cisco Umbrella Rank: 31293
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 5299
delivery-cdn-cf.adswizz.com — Cisco Umbrella Rank: 8107
27 KB
13 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1485
ewr-495.ewr-rtb1.rfihub.com — Cisco Umbrella Rank: 272905
a.rfihub.com — Cisco Umbrella Rank: 5072
17 KB
13 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 857
7 KB
13 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
717 KB
13 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1894
match.sharethrough.com — Cisco Umbrella Rank: 797
3 KB
13 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 4534
sync.go.sonobi.com — Cisco Umbrella Rank: 1696
12 KB
12 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 173
12 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1432
ap.lijit.com — Cisco Umbrella Rank: 998
7 KB
12 dotomi.com
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 15267
dclk-match.dotomi.com — Cisco Umbrella Rank: 5728
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5770
33across-match.dotomi.com — Cisco Umbrella Rank: 7705
4 KB
12 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 994
6 KB
12 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1105
6 KB
11 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 764
id.rlcdn.com — Cisco Umbrella Rank: 1360
2 KB
10 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 972
5 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 323
207 KB
10 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 881
9 KB
10 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 5013
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 3088
4 KB
9 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3435
5 KB
9 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 2370
2 KB
8 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2667
3 KB
8 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2302
6 KB
8 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
cm.adform.net — Cisco Umbrella Rank: 1664
4 KB
8 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1925
cdn.mediago.io — Cisco Umbrella Rank: 9164
images.mediago.io — Cisco Umbrella Rank: 6530
gtrace.mediago.io — Cisco Umbrella Rank: 6276
95 KB
7 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
3 KB
7 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 731
2 KB
7 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399
3 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 1449
d.turn.com — Cisco Umbrella Rank: 2160
3 KB
6 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1479
sync1.intentiq.com — Cisco Umbrella Rank: 2959
api.intentiq.com — Cisco Umbrella Rank: 2042
6 KB
6 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1536
3 KB
6 criteo.com
ads.us.criteo.com — Cisco Umbrella Rank: 5418
dis.eu.criteo.com — Cisco Umbrella Rank: 16038
dis.criteo.com — Cisco Umbrella Rank: 943
10 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
imasdk.googleapis.com — Cisco Umbrella Rank: 639
138 KB
5 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2616
mweb.ck.inmobi.com — Cisco Umbrella Rank: 7777
3 KB
5 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1428
2 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2137
cms.quantserve.com — Cisco Umbrella Rank: 1348
11 KB
5 pippio.com
pippio.com — Cisco Umbrella Rank: 1480
1004 B
5 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 3020
creativecdn.com — Cisco Umbrella Rank: 809
4 KB
5 ngontinh24.com
duperb-shop.ngontinh24.com
33 KB
4 spotim.market
s.spotim.market — Cisco Umbrella Rank: 6145
sync.spotim.market — Cisco Umbrella Rank: 5483
2 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
3 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1321
2 KB
4 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 2504
2 KB
4 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2466
ad.360yield.com — Cisco Umbrella Rank: 995
1 KB
4 mxptint.net
aep.mxptint.net — Cisco Umbrella Rank: 12257
pmp.mxptint.net — Cisco Umbrella Rank: 10897
2 KB
4 akamaihd.net
pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 25250
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 3016
86 KB
4 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1035
2 KB
4 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1467
1 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1411
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419
13 KB
3 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 1542
20 KB
3 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2556
2 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2881
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1559
s.tribalfusion.com — Cisco Umbrella Rank: 3590
2 KB
3 mgid.com
cm-x.mgid.com — Cisco Umbrella Rank: 6389
cm.mgid.com — Cisco Umbrella Rank: 2182
1 KB
3 tynt.com
de.tynt.com — Cisco Umbrella Rank: 2424
hde.tynt.com — Cisco Umbrella Rank: 4884
6 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
2 KB
3 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 2278
2 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338
856 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396 Failed
917 B
3 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2633
nmcsync.imrworldwide.com — Cisco Umbrella Rank: 14116
secure-us.imrworldwide.com — Cisco Umbrella Rank: 3500
2 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 1738
api.btloader.com — Cisco Umbrella Rank: 1905
18 KB
3 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 2319
load.exelator.com — Cisco Umbrella Rank: 9822
3 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
1 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
595 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1645
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 2386
686 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 3952
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 2123
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2472
1013 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 973
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2456
2 KB
2 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2147
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1932
904 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1758
1 KB
2 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 3291
219 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1566
694 B
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1732
523 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
1 KB
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 2030
288 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2019
609 B
2 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2641
2 KB
2 appier.net
a.c.appier.net — Cisco Umbrella Rank: 9734
gocm.c.appier.net — Cisco Umbrella Rank: 4327
1023 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1629
730 B
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 4814
548 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1774
1 KB
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 1624
692 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2295
162 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
317 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1173
339 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 2179
176 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 3039
184 B
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 274
2 KB
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 3080
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1708
360 B
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 3673
473 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2988
351 B
1 rtb.mx
id.rtb.mx — Cisco Umbrella Rank: 4918
477 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 7994
616 B
1 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 3475
3 KB
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3407
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2711
581 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1607
599 B
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 3351
459 B
1 amitydigital.io
tracker.exchange.amitydigital.io — Cisco Umbrella Rank: 14931
447 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 2493
666 B
1 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 5654
287 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 3645
655 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 3888
558 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1753
187 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2608
274 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 2818
272 B
1 iqm.com
pxl.iqm.com — Cisco Umbrella Rank: 4000
505 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 14049
464 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 9298
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1916
375 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8834
553 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1385
653 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2303
556 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
107 KB
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 2129
830 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1200
391 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1945
645 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4842
494 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3276
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2532
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
900 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
91 KB
1 duperb.shop
duperb.shop
463 B
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mdhv.io Failed
jelly.mdhv.io Failed
0 avct.cloud Failed
ads.avct.cloud Failed
1015 158
Domain Requested by
97 tpc.googlesyndication.com googleads.g.doubleclick.net
duperb-shop.ngontinh24.com
cdn.confiant-integrations.net
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
www.gstatic.com
tpc.googlesyndication.com
67 cm.g.doubleclick.net 23 redirects google-bidout-d.openx.net
rtb.gumgum.com
s.amazon-adsystem.com
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
duperb-shop.ngontinh24.com
35 pagead2.googlesyndication.com duperb-shop.ngontinh24.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
34 image8.pubmatic.com 22 redirects ads.pubmatic.com
29 simage2.pubmatic.com 22 redirects s.amazon-adsystem.com
ads.pubmatic.com
29 router.infolinks.com 2 redirects resources.infolinks.com
router.infolinks.com
ssum-sec.casalemedia.com
duperb-shop.ngontinh24.com
29 pixel.rubiconproject.com 15 redirects s.amazon-adsystem.com
router.infolinks.com
28 s.amazon-adsystem.com 3 redirects client.aps.amazon-adsystem.com
google-bidout-d.openx.net
duperb-shop.ngontinh24.com
s.amazon-adsystem.com
u.openx.net
rtb.gumgum.com
match.sharethrough.com
bh.contextweb.com
ads.pubmatic.com
ssum-sec.casalemedia.com
25 match.adsrvr.org 23 redirects monu.delivery
sync.serverbid.com
23 id5-sync.com 16 redirects cdn.id5-sync.com
duperb-shop.ngontinh24.com
monu.delivery
23 ib.adnxs.com 11 redirects monu.delivery
s.amazon-adsystem.com
duperb-shop.ngontinh24.com
a.rfihub.com
22 prebid.a-mo.net 2 redirects monu.delivery
s.amazon-adsystem.com
duperb-shop.ngontinh24.com
22 s.seedtag.com monu.delivery
s.amazon-adsystem.com
cs.seedtag.com
ads.pubmatic.com
22 securepubads.g.doubleclick.net 2 redirects monu.delivery
securepubads.g.doubleclick.net
duperb-shop.ngontinh24.com
www.googletagservices.com
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
19 x.bidswitch.net 18 redirects a.rfihub.com
19 googleads.g.doubleclick.net 4 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
duperb-shop.ngontinh24.com
19 fundingchoicesmessages.google.com duperb-shop.ngontinh24.com
pagead2.googlesyndication.com
18 us-u.openx.net 3 redirects google-bidout-d.openx.net
u.openx.net
bloggernetwork-d.openx.net
sync.richaudience.com
us-u.openx.net
visitor.omnitagjs.com
a.rfihub.com
18 monumetric.technoratimedia.com monu.delivery
17 ads.yieldmo.com 1 redirects monu.delivery
ads.yieldmo.com
16 ssc-cms.33across.com 7 redirects cs.seedtag.com
hde.tynt.com
de.tynt.com
duperb-shop.ngontinh24.com
16 eus.rubiconproject.com s.amazon-adsystem.com
rtb.gumgum.com
eus.rubiconproject.com
monu.delivery
cs.seedtag.com
hde.tynt.com
visitor.omnitagjs.com
sync.cootlogix.com
16 rtb.openx.net 3 redirects monu.delivery
bloggernetwork-d.openx.net
15 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
s.amazon-adsystem.com
15 g2.gumgum.com monu.delivery
js.gumgum.com
14 pixel.tapad.com 8 redirects s.amazon-adsystem.com
router.infolinks.com
ads.yieldmo.com
bloggernetwork-d.openx.net
14 token.rubiconproject.com 6 redirects eus.rubiconproject.com
s.amazon-adsystem.com
14 visitor.omnitagjs.com 1 redirects s.amazon-adsystem.com
cs.seedtag.com
visitor.omnitagjs.com
ssbsync.smartadserver.com
s.spotim.market
13 sync.1rx.io 13 redirects
13 www.googletagservices.com googleads.g.doubleclick.net
duperb-shop.ngontinh24.com
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
blank
www.googletagservices.com
13 imps.monu.delivery duperb-shop.ngontinh24.com
12 visitor-us-west-2.omnitagjs.com visitor.omnitagjs.com
de.tynt.com
ads.pubmatic.com
blank
12 www.googleadservices.com duperb-shop.ngontinh24.com
12 i.liadm.com 12 redirects
12 ups.analytics.yahoo.com 10 redirects u.openx.net
assets.a-mo.net
12 b1sync.zemanta.com 12 redirects
12 onetag-sys.com 4 redirects s.amazon-adsystem.com
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
router.infolinks.com
cs.seedtag.com
sync.serverbid.com
visitor.omnitagjs.com
11 x.serverbid.com sync.serverbid.com
ads.pubmatic.com
11 image2.pubmatic.com 8 redirects s.amazon-adsystem.com
10 synchroscript.deliveryengine.adswizz.com 1 redirects cdn.adswizz.com
synchroscript.deliveryengine.adswizz.com
s.amazon-adsystem.com
10 sync.cootlogix.com monu.delivery
sync.cootlogix.com
duperb-shop.ngontinh24.com
10 p.rfihub.com 9 redirects blank
10 match.prod.bidr.io 10 redirects
10 cdn.ampproject.org cdn.confiant-integrations.net
10 bh.contextweb.com 7 redirects s.amazon-adsystem.com
bh.contextweb.com
10 www.google.com 4 redirects duperb-shop.ngontinh24.com
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
9 match.adsby.bidtheatre.com 9 redirects
9 ssum-sec.casalemedia.com 5 redirects router.infolinks.com
ssum-sec.casalemedia.com
sync.richaudience.com
9 resources.infolinks.com duperb-shop.ngontinh24.com
resources.infolinks.com
router.infolinks.com
9 protected-by.clarium.io duperb-shop.ngontinh24.com
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
9 www.gstatic.com googleads.g.doubleclick.net
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
9 aax.amazon-adsystem.com client.aps.amazon-adsystem.com
9 fastlane.rubiconproject.com monu.delivery
9 hb-api.omnitagjs.com monu.delivery
9 apex.go.sonobi.com monu.delivery
9 prebid.media.net monu.delivery
9 prebid.cootlogix.com monu.delivery
9 hb.minutemedia-prebid.com monu.delivery
9 hbopenbid.pubmatic.com monu.delivery
8 sync.richaudience.com 3 redirects cs.seedtag.com
sync.richaudience.com
us-u.openx.net
ssum-sec.casalemedia.com
8 live.rezync.com 8 redirects
8 ap.lijit.com 7 redirects visitor.omnitagjs.com
8 contextual.media.net 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
duperb-shop.ngontinh24.com
monu.delivery
a.rfihub.com
8 secure.adnxs.com 8 redirects
8 e.serverbid.com 1 redirects monu.delivery
7 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
a.rfihub.com
7 ads.pubmatic.com rtb.gumgum.com
s.amazon-adsystem.com
monu.delivery
cs.seedtag.com
sync.serverbid.com
hde.tynt.com
s.spotim.market
7 ssbsync.smartadserver.com 6 redirects visitor.omnitagjs.com
7 sync.srv.stackadapt.com 7 redirects
7 eb2.3lift.com 5 redirects s.amazon-adsystem.com
s.spotim.market
7 sync.targeting.unrulymedia.com 6 redirects s.amazon-adsystem.com
7 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
7 idsync.rlcdn.com 4 redirects u.openx.net
a.rfihub.com
s.amazon-adsystem.com
6 hblg.media.net 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
duperb-shop.ngontinh24.com
6 lg3.media.net 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
contextual.media.net
duperb-shop.ngontinh24.com
6 secure-assets.rubiconproject.com 6 redirects
6 c1.adform.net 6 redirects
6 sync.ipredictive.com 6 redirects
6 pr-bh.ybp.yahoo.com 3 redirects google-bidout-d.openx.net
s.amazon-adsystem.com
ssum-sec.casalemedia.com
5 events-ssc.33across.com hde.tynt.com
de.tynt.com
ads.pubmatic.com
5 rt3070.infolinks.com resources.infolinks.com
5 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
5 cs.media.net 3 redirects contextual.media.net
5 um.simpli.fi 5 redirects
5 ad.turn.com 5 redirects
5 fonts.gstatic.com fonts.googleapis.com
5 pippio.com 1 redirects ssum-sec.casalemedia.com
blank
5 duperb-shop.ngontinh24.com duperb-shop.ngontinh24.com
4 dpm.demdex.net 2 redirects sync.serverbid.com
a.rfihub.com
4 pixel-sync.sitescout.com 4 redirects
4 sync.adkernel.com 4 redirects
4 sync.go.sonobi.com 4 redirects
4 pubmatic-match.dotomi.com 4 redirects
4 image4.pubmatic.com 3 redirects s.amazon-adsystem.com
4 sync.inmobi.com 4 redirects
4 dclk-match.dotomi.com 4 redirects
4 cms.quantserve.com 3 redirects 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
4 ce.lijit.com 3 redirects s.amazon-adsystem.com
4 pixel-us-east.rubiconproject.com 4 redirects
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 creativecdn.com 4 redirects
4 id.rlcdn.com 2 redirects bloggernetwork-d.openx.net
visitor.omnitagjs.com
4 u.openx.net 3 redirects s.amazon-adsystem.com
4 trace.mediago.io 1 redirects 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
duperb-shop.ngontinh24.com
4 s.ad.smaato.net 4 redirects
4 csync.loopme.me 4 redirects
4 csi.gstatic.com imasdk.googleapis.com
4 fonts.googleapis.com googleads.g.doubleclick.net
tpc.googlesyndication.com
4 btlr.sharethrough.com monu.delivery
4 monu.delivery duperb-shop.ngontinh24.com
monu.delivery
3 choices.trustarc.com a.rfihub.com
blank
duperb-shop.ngontinh24.com
3 sync.spotim.market s.spotim.market
ads.pubmatic.com
3 id.a-mx.com 2 redirects duperb-shop.ngontinh24.com
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 csync.smartadserver.com cs.seedtag.com
csync.smartadserver.com
3 dis.criteo.com 3 redirects
3 pm.w55c.net 3 redirects
3 ums.acuityplatform.com 3 redirects
3 sync.intentiq.com 2 redirects duperb-shop.ngontinh24.com
3 lb.eu-1-id5-sync.com cdn.id5-sync.com
monu.delivery
3 sync-tm.everesttech.net u.openx.net
ads.pubmatic.com
3 px.ads.linkedin.com 1 redirects duperb-shop.ngontinh24.com
s.amazon-adsystem.com
3 static.criteo.net securepubads.g.doubleclick.net
googleads.g.doubleclick.net
2 lexicon.33across.com cdn-ima.33across.com
2 ps.eyeota.net 1 redirects blank
2 thrtle.com 1 redirects visitor.omnitagjs.com
2 px.owneriq.net 2 redirects
2 sync.mathtag.com 2 redirects
2 cm.adgrx.com 2 redirects
2 pixel-eu.rubiconproject.com 2 redirects
2 a.rfihub.com 1 redirects blank
2 simage4.pubmatic.com ads.pubmatic.com
2 aa.agkn.com us-u.openx.net
a.rfihub.com
2 i6.liadm.com us-u.openx.net
ssum-sec.casalemedia.com
2 d.turn.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 sync.adotmob.com 2 redirects
2 pmp.mxptint.net 1 redirects visitor.omnitagjs.com
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 33across-match.dotomi.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 t.adx.opera.com 2 redirects
2 cm.adform.net 2 redirects
2 cm.mgid.com 2 redirects
2 sync.smartadserver.com 2 redirects
2 cdn-ima.33across.com resources.infolinks.com
2 bpi.rtactivate.com bloggernetwork-d.openx.net
a.rfihub.com
2 assets.a-mo.net prebid.a-mo.net
assets.a-mo.net
2 qsearch-a.akamaihd.net 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
2 bttrack.com 2 redirects
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 ads.stickyadstv.com 1 redirects ssum-sec.casalemedia.com
2 ad.360yield.com router.infolinks.com
cs.seedtag.com
2 de.tynt.com 1 redirects visitor.omnitagjs.com
2 dis.eu.criteo.com 2 redirects
2 ice.360yield.com 2 redirects
2 rtb.adentifi.com ads.pubmatic.com
router.infolinks.com
2 gtrace.mediago.io 1 redirects 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
2 sync.teads.tv 1 redirects duperb-shop.ngontinh24.com
2 analytics.pangle-ads.com 2 redirects
2 aep.mxptint.net 2 redirects
2 sync1.intentiq.com s.amazon-adsystem.com
router.infolinks.com
2 pxlclnmdecom-a.akamaihd.net duperb-shop.ngontinh24.com
2 pulsepoint-match.dotomi.com 2 redirects
2 warp.media.net 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
2 match.deepintent.com 1 redirects rtb.gumgum.com
2 sync-dmp.mobtrakk.com 2 redirects
2 rtb.gumgum.com s.amazon-adsystem.com
rtb.gumgum.com
2 ad-delivery.net duperb-shop.ngontinh24.com
2 btloader.com 1 redirects duperb-shop.ngontinh24.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
s.amazon-adsystem.com
2 loadus.exelator.com 1 redirects duperb-shop.ngontinh24.com
2 stags.bluekai.com duperb-shop.ngontinh24.com
bloggernetwork-d.openx.net
2 oajs.openx.net 1 redirects duperb-shop.ngontinh24.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 c.amazon-adsystem.com client.aps.amazon-adsystem.com
2 cdn.id5-sync.com securepubads.g.doubleclick.net
duperb-shop.ngontinh24.com
2 cdn.confiant-integrations.net monu.delivery
cdn.confiant-integrations.net
2 www.google-analytics.com www.googletagmanager.com
1 secure-us.imrworldwide.com a.rfihub.com
1 beacon.krxd.net a.rfihub.com
1 partners.tremorhub.com a.rfihub.com
1 x.dlx.addthis.com a.rfihub.com
1 sb.scorecardresearch.com a.rfihub.com
1 sync.bfmio.com visitor.omnitagjs.com
1 crb.kargo.com visitor.omnitagjs.com
1 gocm.c.appier.net 1 redirects
1 sync.aralego.com 1 redirects
1 delivery-cdn-cf.adswizz.com synchroscript.deliveryengine.adswizz.com
1 ewr-495.ewr-rtb1.rfihub.com blank
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 id.rtb.mx assets.a-mo.net
1 server.cpmstar.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 prebid-server.rubiconproject.com duperb-shop.ngontinh24.com
1 ow.pubmatic.com duperb-shop.ngontinh24.com
1 ssum.casalemedia.com 1 redirects
1 c3.a-mo.net 1 redirects
1 ced-ns.sascdn.com csync.smartadserver.com
1 s.spotim.market visitor.omnitagjs.com
1 cs-server-s2s.yellowblue.io visitor.omnitagjs.com
1 inv-nets.admixer.net 1 redirects
1 jadserve.postrelease.com 1 redirects
1 api-2-0.spot.im visitor.omnitagjs.com
1 tracker.exchange.amitydigital.io 1 redirects
1 s.tribalfusion.com 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
1 api.intentiq.com resources.infolinks.com
1 sync.colossusssp.com 1 redirects
1 event.clientgear.com 1 redirects
1 cdn.adswizz.com sync.serverbid.com
1 synchrobox.adswizz.com sync.serverbid.com
1 aorta.clickagy.com 1 redirects
1 idpix.media6degrees.com 1 redirects
1 sync-pm.ads.yieldmo.com ads.yieldmo.com
1 sync.serverbid.com monu.delivery
1 cs.seedtag.com monu.delivery
1 bloggernetwork-d.openx.net monu.delivery
1 exchange.mediavine.com s.amazon-adsystem.com
1 cs.minutemedia-prebid.com s.amazon-adsystem.com
1 ssp.disqus.com 1 redirects
1 cm-x.mgid.com 1 redirects
1 pixel.advertising.com 1 redirects
1 pxl.iqm.com 1 redirects
1 hde.tynt.com router.infolinks.com
1 aid.send.microad.jp 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
1 us01.z.antigena.com s.amazon-adsystem.com
1 sync.technoratimedia.com 1 redirects
1 sync.taboola.com duperb-shop.ngontinh24.com
1 mweb.ck.inmobi.com 1 redirects
1 a.c.appier.net 1 redirects
1 ads.travelaudience.com 1 redirects
1 hb.yahoo.net s.amazon-adsystem.com
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 googleads4.g.doubleclick.net 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
1 images.mediago.io 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
1 s0.2mdn.net 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
1 cdn.mediago.io 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
1 tg.socdm.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 analytics.twitter.com duperb-shop.ngontinh24.com
1 nmcsync.imrworldwide.com duperb-shop.ngontinh24.com
1 secure-gl.imrworldwide.com duperb-shop.ngontinh24.com
1 load.exelator.com duperb-shop.ngontinh24.com
1 rules.quantcount.com secure.quantserve.com
1 ad.doubleclick.net duperb-shop.ngontinh24.com
1 api.btloader.com btloader.com
1 mts0.google.com googleads.g.doubleclick.net
1 ads.us.criteo.com imasdk.googleapis.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 secure.quantserve.com duperb-shop.ngontinh24.com
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 js.gumgum.com monu.delivery
1 api.id5-sync.com monu.delivery
1 client.aps.amazon-adsystem.com monu.delivery
1 config.aps.amazon-adsystem.com monu.delivery
1 www.googletagmanager.com duperb-shop.ngontinh24.com
1 duperb.shop 1 redirects
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 jelly.mdhv.io Failed ssum-sec.casalemedia.com
0 ads.avct.cloud Failed us-u.openx.net
1015 269

This site contains links to these domains. Also see Links.

Domain
api.duperb.shop
www.google.com
Subject Issuer Validity Valid
ngontinh24.com
GTS CA 1P5		 2023-12-04 -
2024-03-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.monu.delivery
Sectigo RSA Domain Validation Secure Server CA		 2023-02-23 -
2024-03-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
imps.monu.delivery
GTS CA 1D4		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.technoratimedia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-12 -
2024-09-16		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
client.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-12-20 -
2025-01-18		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M02		 2023-04-09 -
2024-05-07		 a year crt.sh
*.cootlogix.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-19 -
2024-11-17		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-08-14 -
2024-09-12		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-29 -
2024-04-15		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2023-11-17 -
2024-12-15		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.omnitagjs.com
Amazon RSA 2048 M01		 2023-04-17 -
2024-05-16		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.consumableaudio.com
R3		 2023-10-30 -
2024-01-28		 3 months crt.sh
*.gumgum.com
Amazon RSA 2048 M02		 2023-08-13 -
2024-09-09		 a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-08-02 -
2024-08-13		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-11-08 -
2024-02-06		 3 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-10 -
2024-02-03		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-11-05		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M03		 2023-11-16 -
2024-12-15		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-09		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.mediago.io
Amazon RSA 2048 M03		 2023-08-07 -
2024-09-04		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2023-10-03 -
2024-11-03		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-13		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
sync.serverbid.com
Amazon RSA 2048 M02		 2023-03-22 -
2024-04-19		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.adswizz.com
Amazon RSA 2048 M02		 2023-06-21 -
2024-07-19		 a year crt.sh
*.smartadserver.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-02 -
2024-08-04		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
s.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-11-28 -
2024-02-26		 3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-07-04 -
2024-08-01		 a year crt.sh
id.a-mx.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-12 -
2024-11-10		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.ewr-rtb1.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-26 -
2024-11-11		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-27 -
2024-04-27		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
sync.spotim.market
R3		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2023-04-17 -
2024-05-14		 a year crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-12-22 -
2024-03-21		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh

This page contains 139 frames:

Primary Page: https://duperb-shop.ngontinh24.com/
Frame ID: AB2A7EDBCA4A96209D089AE3338F6633
Requests: 275 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 3C2FBA9BF386E2639B8EBF20AA2F666B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/zrt_lookup_fy2021.html
Frame ID: 5E2FE480CE18DABFFD0EB26960219C5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&adk=1812271804&adf=3025194257&lmt=1704287131&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591002&bpp=3&bdt=655&idt=349&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7062184289034&frm=20&pv=2&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=369
Frame ID: EA09049352A283B07B13634FC2E7E840
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=676577707&adf=3215562993&pi=t.ma~as.3925753591&w=1200&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=1200x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591005&bpp=2&bdt=658&idt=372&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Frame ID: 9624002A9AF5768B99DC0BF2323A846C
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=1663128080&adf=2936580310&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591007&bpp=1&bdt=661&idt=380&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
Frame ID: 7A9734EEF0DA0F47808F4FA564386937
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=1497754791&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=393&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Frame ID: 4D441E78E9218710FB0F460A28823955
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=78619928&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=404&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=407
Frame ID: F8EDF6505964434C0EAF2827D1E01761
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D25C6652CF4DFB753C97BBE6E72021AA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DE65688C86DA66BEBBD082780D4CA22A
Requests: 2 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 6C93CD08B96BA2B0DB94F0A97D390878
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 07778BC7F89331082DF057BE55BDBEB2
Requests: 10 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 5999E305741AFA75CC0C5112FE355F62
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6F4C146AB89EFDE74CBA1BE0B9B70344
Requests: 2 HTTP requests in this frame

Frame: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 579F56E1B6CD1194103C9B70F832A9C4
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&dcc=t
Frame ID: 1D807739967AB54DA9C085FE696F9F5E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: 22EBD2C697C32DF6D0FBC2F6A100C3EF
Requests: 9 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: 884CF79BB8F9A8FFDC68953AB45B70AE
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: 74861DBC8368D897430217333A6CCCD5
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3011296250024499263&gdpr=0&gdpr_consent=
Frame ID: E28D205CB347ECE7B8F21DE33F0BA22D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=d5bc226a1bc13e0585575a375e2ac5e5
Frame ID: E6680B5CAC7C3D4BB864E5D4DBEC07E4
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: E4C2C9B3876FB088A7EABF51C07C66AD
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: 4DBF32695BBAD7794E000260D938EF7E
Requests: 20 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: B7249F01829E8943F3DD207E7E57C859
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=636979850693708765&ex=appnexus.com&gdpr=0
Frame ID: 82097A89AB87C470367BF72ABB2F0253
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2470123173329690347838
Frame ID: 1CC45DAA96C21E1EB1EE99572CEC0A14
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 1F44B35147CE653EA7974E5EDCA93CAE
Requests: 16 HTTP requests in this frame

Frame: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2772C53B3833F6EA88796A86A886DCCE
Requests: 18 HTTP requests in this frame

Frame: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D4B85834F7B875A3BA00901818074918
Requests: 16 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=3718888275283899047&gdpr=0&gdpr_consent=
Frame ID: 18C5390CC4EB6A0B3D6A4E67D67F75D2
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84YmVkN2QxYy01ZGQ3LTQzZDgtOGYxZS0yZTg0NzYyMjI4MTM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 08FCFCAACA95D435E3A4CA5058F8DBDC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 4F1D867833A8EF8C46BD96CF0550509D
Requests: 20 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Frame ID: 40A3863BB4863543963BDF595D6582E1
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZZZywcCo5ukAAG3uQjIAAAAA
Frame ID: 07F634E37B085941DBDCBBE4533AC589
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=gVXHfCgGgQqeNbFHmIzn3tA36R2nBpmyXgt9ywnHj5g&pi=gumgum&tc=1
Frame ID: 212CC9153FFFA5D76BEB312824EDD585
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: DBA80E8184EA821BA3773020BAF09F4E
Requests: 20 HTTP requests in this frame

Frame: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3D465A0BDDA34118AB86F9912142FE4D
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnKmQqV9CzrpU--prhS_SQ55bdudSUf7NHviPczZnDVB08By7KuzBKAYbzhekfpf04UyeVvQEawNXedqD5UTAWn6quM-6gW4D9N3qWeyTYVuGOvtdYKXNHzx7O8f-T82EMs-CdAVVxr7jTMIx7jsI0q541Ux036aTU2ccodDrH9-677yEGll0JgexrX3fAjoxLd2VHR1jznkrig-siIRVRDHxYAvUjguI7P0rksbTYvEjTgaj3sawy79-5-nAOiE1fmq8XiX1mbAI7YnPJwyNK7nhto909swoiUwmmqZD6SBpHd-ILXyFDjD0T5Hh5jY_scaa0niCxgbXqSxUDUXPWmas9BLORhYCPpvNIWItBnxOX08azUwa7EUnsNNeSz5s40v6SSOab_IsjF0R2qX0p41EwYIH_&sai=AMfl-YSrLfqTNiGlI0Z6KbxCmhDmohpkWzIddP2M5yYpl6oR2vxKr3FcMue2BWB-PkNy6mqNZNddpVvkacRBZI6yhoViKN_E7VkvapMEDnpIHH-OVQfRgM9zrjMKH_ULB70&sig=Cg0ArKJSzK9vG662Ovx_EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 9FB84F2D4B9A9031D8FF5125080672A8
Requests: 9 HTTP requests in this frame

Frame: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2A022D5D3CF1EBAE7B481EE7194D2EE9
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: A3E0FDE6E4F2530BB6BF7F11ED30DF4F
Requests: 13 HTTP requests in this frame

Frame: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B8032C7BD9CD81CF596520749924419D
Requests: 15 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3027&&kkdd=nH%7CW%7C9Hnuh3*A&44=c.&111=TDw99ffEbQzBmvu1T!.lyEb.UEVHj_pe5emZmhzP-WIdgdBuasJ-boUf13ptp-jVCKdPJ82kz_cBslEs88y1s1_864preKKK&423=jj)j&3z=jdD)sYPYosPDd)YYPPx&h2vb=D&1GvK=D&5G4f=*swP&4z2=PecdHddjZ&4v42=H4VhCBXam(ZX6jmmqbb(4U%3D%3D&4bz2=YswwPPY))&GzFf=dxPBoD&G4=J*&4RE1=G11m1zhbK5zCEm5fG5&vz2=PygwdnWs.&5vz2=rjZswwP&R55vG=j&bbb=5FnqR*49q*PIswCVTrPY-*s)_98bNCoKQNDDcaJsEmmMmTbqy*hfG-%3D%3D&EGf=Y&9U=j&ah2=)&K25j=Pecco(JP8&K25x=PsoxPPw)s&l2K5K=G2x%3DEa997zab9m9%3DjD7Chfbv1%3DDAxd72C1ml%3DDAYs7G42%3DS97bKf%3DD%2CD72C1m9%3DxD739xbmG2%3DxDx)DjDsjs7zab9ml%3DdsDADj7ab9m5u4%3DD7ab9mbxKml%3DD7G52%3DPojw)PYYD71EmlfRmlCCG5%3DDAPY7bK5%3DDADDD%2CD7zv%3DWC28uvSEo6uzSK)yW1GZ~7Sll%3DjY7lRmz1%3DYD7bzzvaK%3DjDd%2CjDd7b4%3Dj7bzGaz2%3DD%2CD7bvGmG2%3DxDx)DjDsj)7bK23%3DDADDD%2CD7ab9ml%3DjAsd739xbmab9ml%3DD7G11mUb%3DxYAjjYo7ab9m9%3DjD7G93%3DxxAPP7h4K5%3Dqj7ll%3Djow7G11m1a9%3DDAdw7fbv1%3DDAxd739xbmab9mu4%3DDZD7vGzm4%3Dxx%2Cj)%2CD%2CD%2CD%2CD%2CD%2CD7l1%3Dj7vGzm2%3DjjPd7buf%3DD%2CD7Ksvml%3DYAos%2CdYA)o7G2%3Dj7az2%3Dx_KIRWzP5es6Z43l1N7439xbml%3DjAwd7l52%3DwdjosDxP)YjxsjjwwDYjjwYjswsxwDxx)DDYjwwsDoodD)sPj)soPDwDdPowP)xPdxwssjjxodYjxjDjjwjjwsxY)djowjPYjPPdwjw7az1%3DD7bu5%3DDADDD%2CD7Ch2xvml%3DDAoY7GG%3Dk-744%3Dc.7ulm29%3DE%2FK7azU%3Dqj74f%3DD7b43%3D)jADw7e_%3DsDdo7ulma4%3DD7E5G%3Dj7ulma9%3DE%2FK7ulm44uG%3DD745%3D1zK1z7lGGmMrN%3Dk-%2Ck-7lKGzGx%3Djow7l25%3DjdD)sYPYox7lKGzGj%3Djow7ulm55%3DD7lRmG2%3DxDx)DjDxDj724%3DP739xbml%3DYAs)755%3DjjPd73UmfB4%3DDAP73zGmG2%3DPd7ab9mbvGml%3DPAw)7lRm4C%3DD724x%3Dj73mKGE%3DoDDo7~y%3DAiGRCvAi79KG5%3D743Ch%3DjAwd73zGmab9ml%3DDAYw739xbmzmG2%3DxDx)DjDsjs73zGmab9m9%3DD7f5%3DjP739xbmzml%3DDADx73zGml%3Dwd)AP)739xbmab9m3z%3DjZqjw7ab9m53z%3DD733%3DD7439xbmG2%3DPY7bS3%3D)jADw79xbml%3DjDDD7Ubml%3DxAoj%2CD7G11mG2%3DxDx)DjD)Ds7bK2v%3DDADDD%2CD7Gz2%3DYswwPPY))7ab9mbvGmu4%3DD7ulmGb4%3Dull73Ua%3DDAP72xvm9%3DjD7439x%3DjAwd7sv4S%3DoooAPY7211mG5bh%3DG11m1zhbK5zCEm5fG572xvml%3DDAoY7bvGml%3DdYA)o7ab9mGbvGml%3DPAw)7buUv%3DDADDD%2CD7~yx%3DAiGRCvAi7buU2%3DDADDD%2CD7zGnfS%3DD7yJ%3DD7zGzS%3DD7ab9mbv4ml%3DD7lz2%3DDAxj7ulmv5%3D8C1fvKhf7ab9mbvGmb3%3DD74l2v%3DDAxjD7G2%3Dj7z56vfmz2%3Djd7Gf99fbm5Khmz2%3DPojw)PYYD7Gavv96m5Khmz2%3D72f5f45f2m5Khmz2%3D73zfUKlz9z56%3DDAP7vCG%3Dw7K4m56vf%3Dj7K2l9u%3DPojw)PYYD7K1v%3Dj7Chlz2%3DDAxdD7lS9b%3DDADYD7Gaz2%3De-Z.Z*PCXQ6W)tu61T)KZgD8Z~_7254%3DfKG5mG47211mfbv1%3DSK9Gf7211%3DG11m1zhbK5zCEm5fG57l2v4Kv2%3DD72K9h%3DG117Gh15%3D9CEhm5Kz9mRC1fvKhfm4K54RK997GClv%3D7Bz2%3D-pQqvalqso))oY)PwxsjwxPs7R519%3Dj7G11mKvz%3D3j7zl4%3Dj7EGF%3Dj75hG%3DdxPBoD7lGl%3DD7lGv%3DD751B%3Dx)w&E53=D&zU=dxP&zE_Sb=j&l2b_2=)wD&lz2=s)oDw)&14S=dwYox&62Gvb=j&lKf=XBfk%2FFVFKh7XBfk%2FFKXKh7)ff&uK5vbf=j&uK5lz2=qjDx&4K2C1KzE=5FnqR*49q*q8.Rk)xqaaS2EYgQRxzeDkwV2sx6)_.4T!g8Tmu6TCFh%3D%3D&6v9v=j&zGz2=Y&K23=_E3fG5Cb%20JC4aG&GG14bm3fb=Y&vhz2=vjjdYxwjPd)x5xDx)DjD)DPYw&GG92=%7B%22GGzv%22%3A%22xDDj%3ADYYD%3Aj2DY%3ADDDD%3ADDDD%3ADDDD%3ADDDD%3ADDDD%22%2C%22GG44%22%3A%22c.%22%2C%22GGG4%22%3A%22J*%22%2C%22GG456%22%3A%221zK1z%22%7D&R519Gb4=j&sflct=3761804&54Sm41v=j&ure=1
Frame ID: 10CD838FE0E79924C0AE02E02F87A61A
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3072&&kkdd=*3%7CW%7Cnu9h*H3A&44=DV&Q3=vOqisuduosBuosBdddq&JYeG=q&w.eX=q&4YQ=vviv&k.4T=HsBd&43Y=dADOSOOvW&4e4Y=S4CJaR_7EIW_bvEE*GGI4!%3D%3D&4G3Y=OqiuoidvB&.3yT=sqqRxuq&.4=pH&4trw=.wwEw3JGXk3arEkT.k&e3Y=d-gBOUhsV&ke3Y=~vWsBBd&tkke.=v&GGG=kyU*tH4f*HdPsBaC5~duLHsi0fjGKaoXMKqqD7psrEEcE5G*-HJT.L%3D%3D&r.T=u&f!=v&7JY=i&XYkv=dADDoIpdj&XYkx=dsoxddBis&NYXkX=.Yx%3Dr7ff837GfEf%3Dvq8aJTGew%3Dqlvo8YawEN%3Dqlus8.4Y%3D6f8GXT%3Dq%2Cq8YawEf%3Dxq8QfxGE.Y%3Dxqxiqvqsvs837GfEN%3DOsqlqv87GfEkm4%3Dq87GfEGxXEN%3Dq8.kY%3DixOBsOuxus8wrENTtENaa.k%3Dqldu8GXk%3Dqlqqq%2Cq83e%3DhaYjme6robm36Xi-hw.WZ86NN%3Dvu8NtE3w%3Duq8G33e7X%3DvqO%2CvqO8G4%3Dv8G3.73Y%3Dq%2Cq8Ge.E.Y%3Dxqxiqvqsvi8GXYQ%3Dqlqqq%2Cq87GfEN%3Dvlxd8QfxGE7GfEN%3Dq8.wwE!G%3Dvoluxiu87GfEf%3Dvq8.fQ%3Dxxldd8J4Xk%3D*v8NN%3DvoB8.wwEw7f%3DqlOi8TGew%3Dqlvo8QfxGE7GfEm4%3DqWq8e.3E4%3Dxx%2Cvi%2Cq%2Cq%2Cq%2Cq%2Cq%2Cq8Nw%3Dv8e.3EY%3DvvdO8GmT%3Dq%2Cq8XseEN%3Dslio%2COdldu8.Y%3Dv873Y%3Dx0XP3bsgOxwQNkA0G584QfxGEN%3Dxlxd8NkY%3DBOvosqxdiuvxsvxqudsOqxiqiovqdousOsdBiuoudOxOuddvqxvOduuxBuOvBqdidoiquvOouxBqsivvxqBquoddduvxduxdsuOsOBq873w%3Dq8Gmk%3Dqlqqq%2Cq8aJYxeEN%3Dqlod8..%3D2L844%3DDV8mNEYf%3Dr%2FX873!%3D*v84T%3Dq8G4Q%3DivlqB8A0%3DsqOo8mNE74%3Dq8rk.%3Dx8mNE7f%3Dr%2FX8mNE44m.%3Dq84k%3Dw3Xw38N..Ec~K%3D2L%2C2L8NX.3.x%3DvoB8NYk%3DvOqisuduox8NX.3.v%3DvoB8mNEkk%3Dq8NtE.Y%3Dxqxiqvqxqv8Y4%3Dd8QfxGEN%3Dslvi8kk%3DvvdO8Q!ETR4%3Dqlox8.wwEN3Y%3Dqlvi8Q3.E.Y%3DdO87GfEGe.EN%3DdlBi8NtE4a%3Dq8.aN5%3DqlqO8Y4x%3Dv8QEX.r%3Doqqo8Z-%3Dl(.tael(8fX.k%3D84QaJ%3Dxlxd8Q3.E7GfEN%3DqlOd8QfxGE3E.Y%3Dxqxiqvqsvs8Q3.E7GfEf%3Dsq8Tk%3Dxq8QfxGE3EN%3Dqlqx8Q3.EN%3DOOdlud8QfxGE7GfEQ3%3DvW*vB87GfEkQ3%3Dq8QQ%3Dq84QfxGE.Y%3Ddu8G6Q%3DivlqB8fxGEN%3Dvqqq8.wwE.Y%3Dxqxiqvqiqs8GXYe%3Dqlqqq%2Cq8.3Y%3DOqiuoidvB87GfEGe.Em4%3Dq8mNE.G4%3DmNN8Q!7%3Dqlox8YxeEf%3Dvq84Qfx%3Dxlxd8se46%3Dvqqqlxs8aJEw.t%3Dqlvo8YwwE.kGJ%3D.wwEw3JGXk3arEkT.k8YxeEN%3Dqlod8Ge.EN%3DOdldu87GfE.Ge.EN%3DdlBi8Gm!e%3Dqlqqq%2Cq8Z-x%3Dl(.tael(8Gm!Y%3Dqlqqq%2Cq83.UT6%3Dq8-p%3Dq83.36%3Dq87GfEGe4EN%3Dq8N3Y%3Dqlvi8mNEek%3DjawTeXJT87GfEGe.EGQ%3Dq84NYe%3Dqlviq8.Y%3Dv83kbeTE3Y%3DvO8.TffTGEkXJE3Y%3DixOBsOuxus8.7eefbEkXJE3Y%3D8YTkT4kTYEkXJE3Y%3D8Q3T!XN3f3kb%3Dqlox8ea.%3DB8X4EkbeT%3Dv8XYNfm%3DixOBsOuxus8Xwe%3Dv8aJN3Y%3Dqlvoq8N6fG%3Dqlvvq8.73Y%3DALWVWZYMWP1HpbwTwzRBQs0!v0h8Yk4%3DTX.kE.48YwwETGew%3D6Xf.T8Yww%3D.wwEw3JGXk3arEkT.k8NYe4XeY%3Dq8YXfJ%3D.ww8.Jwk%3DfarJEkX3fEtawTeXJTE4Xk4tXff8.aNe%3D8R3Y%3DL1M*e7N*soiiouidBxsvBxds8tkwf%3Dv8.wwEXe3%3DQv83N4%3Dv8r.y%3Dx8kJ.%3DxuqRxuq%7CsqqRxuq8N.N%3Dq8N.e%3Dq8kwR%3Dxsd&rkQ=q&www=5qBffTTrGM3REemw5zVN-rGV!rCSv01AkAEWEJ3dLhPOgORm7spLGo!TwQ1)1LvCaXOdpjY230DRsNrsjj-wsw0jb41~AXXX&3!=sqq&3r06G=v&NYG0Y=iBq&N3Y=sioqBu&w46=OBuox&bY.eG=v&NXT=_RT2%2FyCyXJ8_RT2%2FyX_XJ8iTT&mXkeGT=v&mXkN3Y=*vqx&4XYawX3r=kyU*tH4f*H*jVt2ix*776YrugMtx3Aq2BCYsxbi0V45zgj5Emb5ayJ%3D%3D&befe=v&3.3Y=u&XYQ=0rQT.kaG%20pa47.&..w4GEQTG=u&eJ3Y=evvOuxBvdOixkxqxiqvqiqduB&..fY=%7B%22..3e%22%3A%22xqqv%3Aquuq%3AvYqu%3Aqqqq%3Aqqqq%3Aqqqq%3Aqqqq%3Aqqqq%22%2C%22..44%22%3A%22DV%22%2C%22...4%22%3A%22pH%22%2C%22..4kb%22%3A%22w3Xw3%22%7D&tkwf.G4=v&sflct=2765151&k46E4we=v&ure=1
Frame ID: 38FD6A959ADFE962024F1710F916E74D
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: A983103FF51D98CBACC3361F11696064
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DB4CCACE6CEAE0FED67C818F47482983
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 54B548381B1037F8DCF991D4A8D7805A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8D2E5140C7679611091AE4CB14D498EA
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 9DA044404D2B39155BF363C31C20F540
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2B5DD284665F3B08953318C150C16C38
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 683193D7ACBFEA4EC16FC155056F1A4A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Frame ID: 54DF54DADC417B9E0EBEBDF3BEA1C18F
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CE5C8882A80D241E55948676DAC3DC40
Requests: 9 HTTP requests in this frame

Frame: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9FC8F10A250B0D58F8CD17D9A6EC9694
Requests: 14 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Frame ID: E02A9F040BD809E034ADA4E3B546A04B
Requests: 26 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&redir=true&gdpr=0&gdpr_consent=
Frame ID: 9E997372CE17E5FA7D78AA4A21900E45
Requests: 1 HTTP requests in this frame

Frame: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Frame ID: 724412627E87C4E69E21FCC630403C38
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Frame ID: AFF4CF35C0F54E4859DBDE54250839E9
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Frame ID: 52EEFE5B1B9A48E8F15DB91C8D7CD13C
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: 22D034C0CF2C8552CEE13C2BA1BF321B
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: BE59D258A5030AA43AE2B9E29AD35ADA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972&us_privacy=1---
Frame ID: E3D8469F7BEE877F520B256279B8FE20
Requests: 1 HTTP requests in this frame

Frame: https://bloggernetwork-d.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: 533F547F48886DA24AE4C73EF493E810
Requests: 11 HTTP requests in this frame

Frame: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Frame ID: 35E56E02CF66E90467B7C1AAFECEBA25
Requests: 17 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Frame ID: F4B1A9A75974592F47A1B2BE15FDDA61
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 322705F80A9219A9297891D406EC938A
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CtUBShpkdXBlcmItc2hvcC5uZ29udGluaDI0LmNvbVILYWFzLWZjMjU1OGFaCHBiYTEuMy4zahpkdXBlcmItc2hvcC5uZ29udGluaDI0LmNvbfoBBjguMTIuMOgCAYgDv-XZrAaoAzjqAyQ5M2ZlYWEwZC0wMjZiLTRiNTEtYmZjMy0yNjI4ZDIwZmE0YWaqBANEQ0iyBQNVU0TSBQkxMDUxOTk1MzTYBQHgBQHqBQdkZXNrdG9w-gUEZGMxM6oHA3dlYsoHDm5nb250aW5oMjQuY29t4AcB
Frame ID: 34D2634189CAD3C903E14EF3B25499B0
Requests: 19 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 77788FB7C505ABEB8B7F5425BD6C9D01
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 236E527F545AEBD254EA33BD5E088ED1
Requests: 2 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000033.html
Frame ID: FC08CC6839EE9BFD59AB5B3BB77DF082
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Frame ID: 72DBB0742A55941572A279F07EEBD852
Requests: 25 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-4.0.html
Frame ID: 4EC6734B43513D0E350E2C7B0474088A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AEAAAC84B3532E210614EFE713483F06
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 9BBB02263A5335582991861F2E1360A6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Frame ID: F17672C15375B3C27C7E7E3E7FC15649
Requests: 4 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Frame ID: BFC7E8C065AFB952F7DCDEBBF30CDC8B
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Frame ID: BE66600C18C171EC94A2C2E03E19AECC
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704358595480&pubconsent=&euconsent=&hasConsent=1&rd=1
Frame ID: 96BA31729C61401A7F270A383B4B5301
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
Frame ID: BAAF840487AFCED6ECBE300F38CA9B68
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Frame ID: DA6535FD0B2319EAD0DC065E5F07D3D5
Requests: 21 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75601b04186d260
Frame ID: EDA622387BB7FFD07427E0E13E7B2110
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=d47d5a5d-7b3c-413f-a3f9-885860ad57ae&gdpr=0
Frame ID: D126984A387BD63A5D6E448478EDF9C5
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=pGp0OXObzqUD&ev=1&us_privacy=1---&pid=562983
Frame ID: 482DB1A02789190A6F05A3103D3EEE03
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: FF86D02A5EE0D64C003CDB7C051D2707
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: B44D4AFCB4694C02CB29CC7B42B790D5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Frame ID: F76C19CE7984396E1341D9D0142A73DB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 96D69D4D514DE15A85B6C6F1BCE67460
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: EF4E6AD1A19F90A0A0FD37E27C0F693E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 03C9D29C4B4F5319254F3EEB8DA5E5F0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 4541C6395CA18D661A171FAA5872AF55
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/dyn/amd-us?user_id=e8ada473-c67f-217f-2b24-39cc63c74461
Frame ID: B09B20F0FECF5ED599D43E57238EC4A6
Requests: 4 HTTP requests in this frame

Frame: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Frame ID: F9035647C2C07CC539AA40242DC12CA9
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 8A52F57633C98EB226DE0F783A948D81
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: B52046AEDA77F95145111C07D41DD90D
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: F26E4B8BC6C995A651BFE620697C096A
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Frame ID: 96CFEB3A5F22B113153444F50059856A
Requests: 7 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 7420C827FF829020E862C4C1F6B584AD
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 88E1F8F0F46E8AC61A69C69FD2AFD0FF
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704358596036.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D
Frame ID: CD40BCCC74FA6555DB7980526C2E6C9B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Frame ID: D2A1F385A7C6236120E983362BCDBAF8
Requests: 9 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D649285%26a%3D644680%26domain%3Dvisitor.omnitagjs.com&gdpr=0&gdpr_consent={gdpr_consent}
Frame ID: 10A763CBBFA1AEBB87F1481CC9EA5451
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=25df8c62b5c6d1ae&name=OPENWEB
Frame ID: 8CE2BC71254056DE7A466401F9E322A4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Frame ID: D89FF51339E03C4801EBBF4479D777AB
Requests: 10 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Frame ID: 371BF42CB597B79A80A25FDD960E88BF
Requests: 8 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: A79D7A0FDF151040B769F68409FD62EB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 60253FF2B42656227A01F711B64E9A76
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 5DDACC40D6E50C6A898970DD1FB4D1CD
Requests: 26 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 6CA1A71959F5005DE58CD1E92480035B
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 56B229137329221F871AA81D048ADD59
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 261800CA124EF475D3525A1CF763E03A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZZyxAAL_FwkngBd
Frame ID: 42469AA5C6CF01B7F4067A073BB5F9F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=2b065bb2-aadf-11ee-b1df-8535da4c58cd
Frame ID: 137B0FBEE67B00B264F55F74D9F5CD6E
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 454F100B8ED90B62599A287FF1A04D6B
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 5AD9249BFEAD9BFE4BD78627B5FCF67E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: B6476C771421A86A546BD6B99BF0271B
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: C8A52F49F5E6563AAB2ACA5D468657B1
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 310DB69911A2837F1B5C69F5C759949E
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: ED56E736D7A124FA9588541D0201D4D6
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 0468BD66E5D72FA8681F412C0AAAC92B
Requests: 1 HTTP requests in this frame

Frame: https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
Frame ID: 1F5CC85C0ADC850E434D9A6218878550
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 41E7AD442EB124C74616F7D298AC9A4B
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: B8A9EF093260834BF1515D7B636C5AED
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Frame ID: A59069491EC3678BBEC984A22864A02D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 79DD9EC4B29F6652EFEE78CA2A6635D6
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 6383C339AAE32B4E1C23D06E4BB54C16
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005
Frame ID: 75D214BD02F6C73D2B797C1627BAF33E
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: EE6E1FD6B52FDC83F1E7CB8AC987E69E
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 60428DB30333076E149293ACB486C0DA
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: C8F6FF2903E51FA8098147C6C7AFEDEA
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=281178&extuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&traffic_source=snippet&session=78A324727F68D62D&sp=750078&pb=612004&c=570607&a=281178&domain=visitor.omnitagjs.com
Frame ID: 81C99DA942F1B1ADBF40DC34CAD3701B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Frame ID: AF5C24CB9A8E8FB1AC1967FE0CE551EE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Frame ID: 0E0EB06934EB09DD500EF71AF86F73E4
Requests: 4 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 6DF68E777E43EDF00FECAE6AB64008FB
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Frame ID: 127A5F98EFF90A68DCF6F4E0F568440C
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Frame ID: 59A14372F5268E79F232A7BA3E2FC0A7
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Frame ID: BCF1E20EA1148F31935A5234B3C7D973
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Frame ID: AE21CA40C719B028267B66AC00C8B7AE
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Frame ID: C970F3B71F83922CCB46E0CBCE265768
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Frame ID: 72AA2BA40BAE22AD5B2B0CD94EA879F8
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=281178&extuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&traffic_source=snippet&session=78A324727F68D62D&sp=750078&pb=612004&c=570607&a=281178&domain=visitor.omnitagjs.com
Frame ID: 9B5A4C5A2B745399F3BE717BEC8A47E2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Duperb - An Experienced, Professional, Authoritative And Trustworthy Website

Page URL History Show full URLs

  1. https://duperb.shop/ HTTP 302
    https://duperb-shop.ngontinh24.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1015
Requests

73 %
HTTPS

24 %
IPv6

158
Domains

269
Subdomains

168
IPs

12
Countries

5814 kB
Transfer

14502 kB
Size

379
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://duperb.shop/ HTTP 302
    https://duperb-shop.ngontinh24.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 172
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&rid=esp&cc=1
Request Chain 200
  • https://idsync.rlcdn.com/395736.gif?partner_uid=u_8bed7d1c-5dd7-43d8-8f1e-2e8476222813 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CNiTGBIxCi0IARD6bBomdV84YmVkN2QxYy01ZGQ3LTQzZDgtOGYxZS0yZTg0NzYyMjI4MTMQABoNCL_l2awGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=101671231055b36abc7544181fd1bdf19a6f41adc07b98254c7707e6c67f7bf8791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=101671231055b36abc7544181fd1bdf19a6f41adc07b98254c7707e6c67f7bf8791426b5417dce21&rand=03998241 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=101671231055b36abc7544181fd1bdf19a6f41adc07b98254c7707e6c67f7bf8791426b5417dce21&rand=03998241&expected_cookie=7031ab5d-ede3-4326-9b54-b5d185afd84b
Request Chain 219
  • https://loadus.exelator.com/load/?p=233&g=001&j=d HTTP 302
  • https://loadus.exelator.com/load/?p=233&g=001&j=d&xl8blockcheck=1
Request Chain 225
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 226
  • https://btloader.com/tag?aax_id=AAX8RN661&upapi=true HTTP 302
  • https://btloader.com/tag?o=5761653252554752&upapi=true
Request Chain 229
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 258
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&dcc=t
Request Chain 261
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=91f85520-833d-c384-1aba-03236ba40fd0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=91f85520-833d-c384-1aba-03236ba40fd0&dcc=t
Request Chain 262
  • https://match.adsrvr.org/track/cmf/openx?oxid=c92e295d-9f97-787e-dab4-81b40397c430&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=c92e295d-9f97-787e-dab4-81b40397c430&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&ttd_puid=c92e295d-9f97-787e-dab4-81b40397c430&gdpr=0&gdpr_consent=
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECPee7GfZeJJiR3s47NfK08&google_cver=1
Request Chain 283
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 288
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MWI3OGRkN2I4MWE4NzZiOTczNTExNjk4NDc1MzIwYzY&&google_redir=https://load.exelator.com/load/?p=204&g=109 HTTP 302
  • https://load.exelator.com/load/?p=204&g=109
Request Chain 289
  • https://idsync.rlcdn.com/397416.gif?partner_uid=1b78dd7b81a876b973511698475320c6 HTTP 307
  • https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008LEfQ5zTg_8Mg9jUB7jB0MY02qUaFwfXsfplKJ3Obr9g
Request Chain 294
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=
Request Chain 295
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0 HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=c11e053f-b607-4b5d-8ab0-dc58f3d0ecd2&gdpr=0
Request Chain 296
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1704358592634 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2694834854 HTTP 302
  • https://sync.1rx.io/usersync/turn/7995778992001487599?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-d414429b-91ca-4e66-977e-78ebb86b19bc-005 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005
Request Chain 297
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=331d97c4aa
Request Chain 299
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=42D3FF6D47FB4FDCBA093AD588E3B0A1&ex=simpli.fi&status=ok
Request Chain 300
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded221a01ed952t9qag00lqyz3mox
Request Chain 301
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0&s=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=oaPM0sJO2eiGBZGXbFb6&gdpr=0
Request Chain 304
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3011296250024499263&gdpr=0&gdpr_consent=
Request Chain 305
  • https://visitor.omnitagjs.com/visitor/bsync?uid=ee28081dc141859df3e9c39bf89f63cf&name=AMAZON&url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadyoulike.com%26id%3D%7BuserId%7D&gdpr=0 HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=d5bc226a1bc13e0585575a375e2ac5e5
Request Chain 308
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 309
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fid%3D%2524UID%26ex%3Dappnexus.com%26gdpr%3D0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=636979850693708765&ex=appnexus.com&gdpr=0
Request Chain 310
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2470123173329690347838
Request Chain 325
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=9ce8563b-52d0-4e1e-85cd-01473a0ca5e8 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9ce8563b-52d0-4e1e-85cd-01473a0ca5e8
Request Chain 326
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=636979850693708765
Request Chain 327
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7851663803925631727&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 329
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=636979850693708765
Request Chain 330
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_8bed7d1c-5dd7-43d8-8f1e-2e8476222813&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_8bed7d1c-5dd7-43d8-8f1e-2e8476222813&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=gumgum2&bsw=97c6f5a2-cd54-4303-8f86-b973f7a4e46c HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=gumgum2&bsw=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=Y2VmMDEyOTdkODUwN2Q&gdpr=0&gdpr_consent=&us_privacy=&ssp=gumgum2&bsw_param=97c6f5a2-cd54-4303-8f86-b973f7a4e46c HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 331
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=3e138d2d-b782-4028-bdcf-9159cbc7c576
Request Chain 332
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-ef956d8e-f409-5138-7252-8d79ad66eee1$ip$38.132.118.68
Request Chain 333
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-XjiGXexE2peIIS6ty1lHdGWK7xuG8diznsAb~A
Request Chain 334
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f
Request Chain 336
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_8bed7d1c-5dd7-43d8-8f1e-2e8476222813&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=u_8bed7d1c-5dd7-43d8-8f1e-2e8476222813&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=oaPM0sJO2eiGBZGXbFb6&gdpr=0
Request Chain 337
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=shPoxOvphQY2&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 338
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3011296250024499263
Request Chain 343
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=3718888275283899047&gdpr=0&gdpr_consent=
Request Chain 346
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Request Chain 347
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZZywcCo5ukAAG3uQjIAAAAA
Request Chain 348
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=gVXHfCgGgQqeNbFHmIzn3tA36R2nBpmyXgt9ywnHj5g&pi=gumgum&tc=1
Request Chain 349
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 353
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=
Request Chain 354
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZDQ3ZDVhNWQtN2IzYy00MTNmLWEzZjktODg1ODYwYWQ1N2Fl HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 355
  • https://pr-bh.ybp.yahoo.com/sync/sharethrough/d47d5a5d-7b3c-413f-a3f9-885860ad57ae?gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=BVbSRuzbUWjBEF6bQrmLHKkX&source_user_id=y-XCASMiRE2oPvbFyMsj9KD6SpuO838uo.FKSkjo2ytU6z~A
Request Chain 397
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=Y2UzQ1RvdFA4cmxERGs1Y1NyOERHQQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEGs0s9yzGlsTeFcLW-o4jdI&google_cver=1
Request Chain 398
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=72b6b5e83ffe076b&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABcSc2fYNPzgNdzP8bAAAAAAA&expiration=1704444993&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 443
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 474
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LQYZ3LUL-20-86GL HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQYZ3LUL-20-86GL&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 477
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3MzYwMTkzMTUyMzY4ODAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMrblUvQi8LnAtqFy6etmMU&google_cver=1
Request Chain 479
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3MzYwMTkzMTUyMzY4ODAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMrblUvQi8LnAtqFy6etmMU&google_cver=1
Request Chain 485
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFZWjNMVUwtMjAtODZHTA==&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEOmNmde3y-kEaiYCgWR_jyE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFZWjNMVUwtMjAtODZHTA==&google_push=&gdpr=0
Request Chain 486
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/jOc7CYyQx8AmeVwdzaiGoMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-64cFouFE2oIQEXDBJnomkXJR9SvGw2pvImletg--~A
Request Chain 487
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQYZ3LUL-20-86GL&gdpr=0
Request Chain 488
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHFM_mNuhylTRuaGK2gViEM&google_cver=1
Request Chain 489
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQYZ3LUL-20-86GL&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 490
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTY5ODE2N2Y4NjExNGQ3YzJhOTU4OWUxZmVlNjI0MzFkYTM4NWU2OA&gdpr=0
Request Chain 491
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=&expires=30
Request Chain 492
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=i-6t6AA8RQ26_ZRyHelWBA&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=i-6t6AA8RQ26_ZRyHelWBA&gdpr=0
Request Chain 493
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEjgU7LLOYAABZ9wfisGQ&expires=30&gdpr=0
Request Chain 494
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQYZ3LUL-20-86GL&gdpr=0
Request Chain 495
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f&expires=30&gdpr=0
Request Chain 496
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQYZ3LUL-20-86GL&gdpr=0
Request Chain 497
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQYZ3LUL-20-86GL&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQYZ3LUL-20-86GL&gdpr=0&dnr=1
Request Chain 498
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQYZ3LUL-20-86GL&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQYZ3LUL-20-86GL HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQYZ3LUL-20-86GL&ckls=true&ci=smbYB4P6Wt&nc=false&trid=-1470291295
Request Chain 499
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQYZ3LUL-20-86GL&redir=true&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQYZ3LUL-20-86GL&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS12NzFzLlBORTJ1SDEzeG1KVjJldVFhSkFXWW5hWExvVn5B&gdpr=0&ovsid=LQYZ3LUL-20-86GL&dpid=58160
Request Chain 509
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELcs6DXG2hsGEt5HeQDY0Tg&google_cver=1&google_push=AXcoOmQhgqDoNBaTOjvKyxZXqosDj_3S1AhT-g2GOp59NE2n8LKqxrUo6O8tsLfVzqB9PRXIze9drdme5I8ZoJoGQobbpsughXxBOQ HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1123c2eb012a05ee&is_secure=true&networkId=14000&version=1&google_gid=CAESELcs6DXG2hsGEt5HeQDY0Tg&google_cver=1&google_push=AXcoOmQhgqDoNBaTOjvKyxZXqosDj_3S1AhT-g2GOp59NE2n8LKqxrUo6O8tsLfVzqB9PRXIze9drdme5I8ZoJoGQobbpsughXxBOQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACWMpEdPzD0wM6l0jiAAAAAAA&expiration=1704444994&google_cver=1&is_secure=true&google_gid=CAESELcs6DXG2hsGEt5HeQDY0Tg&google_push=AXcoOmQhgqDoNBaTOjvKyxZXqosDj_3S1AhT-g2GOp59NE2n8LKqxrUo6O8tsLfVzqB9PRXIze9drdme5I8ZoJoGQobbpsughXxBOQ
Request Chain 510
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPTlt7q2zjZCZz4SsGKcslQ&google_cver=1&google_push=AXcoOmQ7jX0vnWJQZsuLc3SfwcevLoEBKH5IKvG41LZa39vIoLZJV8z4DGnEHPBZrJWlRpHUknCM72VHgOOTaX7edJArkHtjaEKGSA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk2ZmY1YTgtNTA5YS00YWQ3LTllN2UtNWY2ZGZjYjQyMjA1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Request Chain 511
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESENHtgbTwolzOresqAl5NflY&google_cver=1&google_push=AXcoOmQDqH2BR_tK-grv00Q7pZtFC0APoe3YK-XN4Fxo1H0-SPHSm6g91GCTHIPq19AMSZAW6gxwCIpVlgHfDC2H5bFFkcr-dcUYog HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xT0tFJAaShwByvKSqyjHWA&google_push=AXcoOmQDqH2BR_tK-grv00Q7pZtFC0APoe3YK-XN4Fxo1H0-SPHSm6g91GCTHIPq19AMSZAW6gxwCIpVlgHfDC2H5bFFkcr-dcUYog
Request Chain 512
  • https://a.c.appier.net/gcm?google_gid=CAESECbLfoIr6Q936n8jfNjxasM&google_cver=1&google_push=AXcoOmRB9-p4hVquhaSMODxxTF58ba6lvIOrByKZpwFkY0TtxIEuf7oMvhfnli2gC7DULPjbNj7RloG99-JkIw56iUoNSjt8LWYJcA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=S08wOGNpbnZEZmliQTU0QnczS1daUQ%3D%3D&google_push=AXcoOmRB9-p4hVquhaSMODxxTF58ba6lvIOrByKZpwFkY0TtxIEuf7oMvhfnli2gC7DULPjbNj7RloG99-JkIw56iUoNSjt8LWYJcA
Request Chain 513
  • https://sync.inmobi.com/gob?google_gid=CAESEJn7m0fzdkoPatqM6sphfyc&google_cver=1&google_push=AXcoOmSLkJvYRqpEVfMY6rHvLaxVytJDIuoLw2LcCat13gs4tuyeCSiEDIKeJ-Ub9fNy8zI86EMNndDx-1WYyLm7mB6EEKAXAa23oWA HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSLkJvYRqpEVfMY6rHvLaxVytJDIuoLw2LcCat13gs4tuyeCSiEDIKeJ-Ub9fNy8zI86EMNndDx-1WYyLm7mB6EEKAXAa23oWA HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-add1v_2kFmrLuV1IWzXia1m5QxUk_xpL3XjjokqSew&google_push=AXcoOmSLkJvYRqpEVfMY6rHvLaxVytJDIuoLw2LcCat13gs4tuyeCSiEDIKeJ-Ub9fNy8zI86EMNndDx-1WYyLm7mB6EEKAXAa23oWA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=OAE2LYx1QgNAGbPXJfHy&google_push=AXcoOmSLkJvYRqpEVfMY6rHvLaxVytJDIuoLw2LcCat13gs4tuyeCSiEDIKeJ-Ub9fNy8zI86EMNndDx-1WYyLm7mB6EEKAXAa23oWA&google_nid=inmobi_new_eb
Request Chain 514
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPtqT3SJt5tr_qMK1v9WeH8&google_cver=1&google_push=AXcoOmTPWwX4aKZJ-11xpVSt9DEgk60ZGsVNEnrbpF1WapuqA40AUfwwsxbGUqwNPiSrtElQLQqymICqlzyD79O4L_J41llHXso08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTPWwX4aKZJ-11xpVSt9DEgk60ZGsVNEnrbpF1WapuqA40AUfwwsxbGUqwNPiSrtElQLQqymICqlzyD79O4L_J41llHXso08w HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 519
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEJBdViHQP1IWhRdUoYtZs_g&google_cver=1&google_push=AXcoOmRAvr0YQlXVEDWYJTTkofjsGpbs0S6I3kyrabnZ0JdGf_196Xt94wDG-gmLQaf8I_czlKtUpc4m3xAYAIPJvasfa0QMIoo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=872560550554&us_privacy=1---
Request Chain 520
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGgNup83ctZ5pRwbOYDyN2c&google_cver=1&google_push=AXcoOmTB2WpcQgG9BxkiZm2UioaB6Fz916DnLT803I0kGsIpxBcIEF3KW4HJy4hEPjPOoPPaGDkVNhtDK1gADRDDU2i1IAW2WXQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTB2WpcQgG9BxkiZm2UioaB6Fz916DnLT803I0kGsIpxBcIEF3KW4HJy4hEPjPOoPPaGDkVNhtDK1gADRDDU2i1IAW2WXQ&google_hm=b2FQTTBzSk8yZWlHQlpHWGJGYjY=
Request Chain 521
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECVcqfzGHQDUSnHoXQ3PRZg&google_cver=1&google_push=AXcoOmTD7Ch1bQF9e5rHkPj_ZMUDazfR1LBnXdmhBpMw5aY-QOdxmb8obnSxRrqTfEdGyuUqSphsBz7OzXJxL_NMGLArxgT6LrM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=75VtjvQJUThyUo15rWbu4SaEdkQ&google_push=AXcoOmTD7Ch1bQF9e5rHkPj_ZMUDazfR1LBnXdmhBpMw5aY-QOdxmb8obnSxRrqTfEdGyuUqSphsBz7OzXJxL_NMGLArxgT6LrM
Request Chain 522
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEA3JGGcgVL7ODT-g2Orp_hc&google_cver=1&google_push=AXcoOmSrH7-owLVbjp1j7U9Y0AivvmejyysPr0HUkMjf2PWNv_t_nE3PayryKKKKjv1JXt8_vO6dMgj_lLGhQsHgtBuC1B6SZKg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ3MDEyMzE3MzMyOTY5MDM0NzgzOA%3D%3D&google_push=AXcoOmSrH7-owLVbjp1j7U9Y0AivvmejyysPr0HUkMjf2PWNv_t_nE3PayryKKKKjv1JXt8_vO6dMgj_lLGhQsHgtBuC1B6SZKg
Request Chain 523
  • https://cs.media.net/cksync?type=g&google_gid=CAESELaMriF4LrgPDvF-Jr2VrWw&google_cver=1&google_push=AXcoOmQNC1H2zkpZRdwMflFJEcaGcg1D77yXpQBAi936Bt8wev6d21LfhU2FEayNBBwyqOVKoiVF94vTkj_VP2fFDNq3SseV8XY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ3MzYwMTkzMTUyMzY4ODAwMFYxMA%3d%3d&mn_hm=MzQ3MzYwMTkzMTUyMzY4ODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQNC1H2zkpZRdwMflFJEcaGcg1D77yXpQBAi936Bt8wev6d21LfhU2FEayNBBwyqOVKoiVF94vTkj_VP2fFDNq3SseV8XY&gdpr=&gdpr_consent=
Request Chain 524
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJ24MyA-3HVYXWdv1SrtBoQ&google_cver=1&google_push=AXcoOmREJinVo9t8u6sA0cvREzePov2j5B5PDITTdwqDvzRaDveYnGwjnadQhV3VEJDXoGjYUPAoq_IdeVe_TbndJ-pBHK-2KQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmREJinVo9t8u6sA0cvREzePov2j5B5PDITTdwqDvzRaDveYnGwjnadQhV3VEJDXoGjYUPAoq_IdeVe_TbndJ-pBHK-2KQ&google_hm=MzAxMTI5NjI1MDAyNDQ5OTI2Mw%3D%3D
Request Chain 525
  • https://sync.inmobi.com/gob?google_gid=CAESEPutp2UJtgZH87lReaNp0Nk&google_cver=1&google_push=AXcoOmRHABgcskK-xaPjFiowMXd6XGvP79NS7FVSr2_PdauSSj4sGzNL1i_wXegUK2Z0ByP_O7QWRDbj11Um3UG2cq-SyIHHFCvj HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRHABgcskK-xaPjFiowMXd6XGvP79NS7FVSr2_PdauSSj4sGzNL1i_wXegUK2Z0ByP_O7QWRDbj11Um3UG2cq-SyIHHFCvj HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-add1v_2kFmrLuV1IWzXia1m5QxUk_xpL3XjjokqSew&google_push=AXcoOmRHABgcskK-xaPjFiowMXd6XGvP79NS7FVSr2_PdauSSj4sGzNL1i_wXegUK2Z0ByP_O7QWRDbj11Um3UG2cq-SyIHHFCvj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=OAE2LYx1QgNAGbPXJfHy&google_push=AXcoOmRHABgcskK-xaPjFiowMXd6XGvP79NS7FVSr2_PdauSSj4sGzNL1i_wXegUK2Z0ByP_O7QWRDbj11Um3UG2cq-SyIHHFCvj&google_nid=inmobi_new_eb
Request Chain 535
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFf9-rI5jgDMCtAchODAU7U&google_cver=1&google_push=AXcoOmRQQERCrjFujxJ6byhOWl8ukBveWxXmyM2pOFSOio6P_DKSNdWRSH5hReN_dcoMYwZKXf6E_UwZ05wXtyvJeEYEhRA56cXH HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFf9-rI5jgDMCtAchODAU7U&google_cver=1&google_push=AXcoOmRQQERCrjFujxJ6byhOWl8ukBveWxXmyM2pOFSOio6P_DKSNdWRSH5hReN_dcoMYwZKXf6E_UwZ05wXtyvJeEYEhRA56cXH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXdiRXhHRXcxUmxqd0s1&google_gid=CAESEFf9-rI5jgDMCtAchODAU7U&google_cver=1&google_push=AXcoOmRQQERCrjFujxJ6byhOWl8ukBveWxXmyM2pOFSOio6P_DKSNdWRSH5hReN_dcoMYwZKXf6E_UwZ05wXtyvJeEYEhRA56cXH
Request Chain 536
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEGuSIu12NR8RuTHhZ4EVj-0&google_cver=1&google_push=AXcoOmTlRDWV2yHKg6rMn8Zr83n8a-h2DKs7rj0Zr4xDrbzpUF54FSLv_R01Ym8-K-uYzK6o7qJLE8jLLKDy6TIRrguo-65BbZLY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTlRDWV2yHKg6rMn8Zr83n8a-h2DKs7rj0Zr4xDrbzpUF54FSLv_R01Ym8-K-uYzK6o7qJLE8jLLKDy6TIRrguo-65BbZLY&google_hm=UjMzNjQ1XzEwRUMwQzBGM19DRDAxMTk5NQ%3D%3D
Request Chain 537
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEFJKGkl-0YhP7cvLuwOPt3g&google_cver=1&google_push=AXcoOmSZrrKNrU4_j0RsyGsEARmUUO6zZP5C368MD8jwDbICopOB6l7CubregJUyUsQA79N1WLLy73b0n1--CyrF2ms-z6XWRQ_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTQ0NGY2MzEtMjE3ZC00ZDkyLWE2NjItMGI3OTFkYzJiYmJh&google_gid=CAESEFJKGkl-0YhP7cvLuwOPt3g&google_cver=1&google_push=AXcoOmSZrrKNrU4_j0RsyGsEARmUUO6zZP5C368MD8jwDbICopOB6l7CubregJUyUsQA79N1WLLy73b0n1--CyrF2ms-z6XWRQ_g
Request Chain 538
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEEpD1rNKry4-UdH3Jgp4Zgs&google_cver=1&google_push=AXcoOmRTDK9v_2eGSkTjJWZCp5VK2TBg-pbHo4vE2LSZOrsijFo80HBxYDzNd-iNLsfMqWtx68wKF1z4Vc9glJSqQbwAak3yJTn5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=872560550568&us_privacy=1---
Request Chain 539
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDn3dGiN58ksejjXjUafn7Y&google_cver=1&google_push=AXcoOmSswvVDHOR6RAJQ-FZMl9eVNA333JmA_n0MmXim2wn8RabjVXO4AdfUa14haIBjzJG5dfBMhIsKa007k-RQ1-XtG8h7pxpH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSswvVDHOR6RAJQ-FZMl9eVNA333JmA_n0MmXim2wn8RabjVXO4AdfUa14haIBjzJG5dfBMhIsKa007k-RQ1-XtG8h7pxpH&google_hm=l8b1os1UQwOPhrlz96TkbA==
Request Chain 540
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOjc0Gd4HATtkYWsHNmTZu0&google_cver=1&google_push=AXcoOmTfxB8ctEHLs-zl_fdTUgqvCiWudfEAvo4GA20Y6OCkfByuq423Da8mHUNVVhVX9_oIiMgZAoJhoIRuz-if7UVGU_xpHCuSkA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTfxB8ctEHLs-zl_fdTUgqvCiWudfEAvo4GA20Y6OCkfByuq423Da8mHUNVVhVX9_oIiMgZAoJhoIRuz-if7UVGU_xpHCuSkA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 541
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAjI_HhNARvh8QQMtJgOBuU&google_cver=1&google_push=AXcoOmT19tDRvEQ6cmfmqfeClbNI8lCPtPijmqsYyj5mW-6AgsZzHLWSa4yzeVgYt4V2xibcaZGTDr_UcpSc3YowSEhIayaOY6PnUg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmT19tDRvEQ6cmfmqfeClbNI8lCPtPijmqsYyj5mW-6AgsZzHLWSa4yzeVgYt4V2xibcaZGTDr_UcpSc3YowSEhIayaOY6PnUg
Request Chain 543
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJDHqkY6ct2lgTibQgHrS40&google_cver=1&google_push=AXcoOmTbbbcVAYFO1rKwK6IwK3Z4TUwl3FSasL9s6B6X8FtV9iom_fILfXRBLhFdQIQAsWP4t0bcMfZDiodf8jW8etCRF6winnT2 HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=95860097b10076b&is_secure=true&networkId=14000&version=1&google_gid=CAESEJDHqkY6ct2lgTibQgHrS40&google_cver=1&google_push=AXcoOmTbbbcVAYFO1rKwK6IwK3Z4TUwl3FSasL9s6B6X8FtV9iom_fILfXRBLhFdQIQAsWP4t0bcMfZDiodf8jW8etCRF6winnT2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACWMpEdPzD1gMpeurtAAAAAAA&expiration=1704444994&google_cver=1&is_secure=true&google_gid=CAESEJDHqkY6ct2lgTibQgHrS40&google_push=AXcoOmTbbbcVAYFO1rKwK6IwK3Z4TUwl3FSasL9s6B6X8FtV9iom_fILfXRBLhFdQIQAsWP4t0bcMfZDiodf8jW8etCRF6winnT2
Request Chain 544
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPTXCnQxFGsSlDilIfwqPIs&google_cver=1&google_push=AXcoOmSTOjqyr7wkQH5QKy5QJDzz-HtlrYY42CVK7xH93TrsFUpj2sNxCAHVTazTkwlK-tb4ZzCAMIASdyw3-8jNnx1DP0q2W5w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk2ZmY1YTgtNTA5YS00YWQ3LTllN2UtNWY2ZGZjYjQyMjA1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Request Chain 545
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDuxXyacchcN2GETWN98qs0&google_cver=1&google_push=AXcoOmQOpNK0ORTzIHBwwCI4dRsMeyRPJzhcIlIOvW8Re21nNgqkI19Orrh0PQH8r_gB2yjaC_XeNIAltYenRolanewgGcbhyZI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQOpNK0ORTzIHBwwCI4dRsMeyRPJzhcIlIOvW8Re21nNgqkI19Orrh0PQH8r_gB2yjaC_XeNIAltYenRolanewgGcbhyZI&google_hm=b2FQTTBzSk8yZWlHQlpHWGJGYjY=
Request Chain 546
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELpkxdqtL2vV2z-4DJJjhnA&google_cver=1&google_push=AXcoOmTWtRsVjKiCnySKEiM-zGJY8VYnfpPedSn9FdPqF6VlD6nKAiMyT2Y0aWxYlg7lPDO9E3dKeIMI2u9foy3qNssOLn24uME6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=331d97c4aa&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://b1sync.zemanta.com/usersync/smaato/?cb=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001748%26dspCookie%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D,&gdpr=0&gdpr_consent=, HTTP 302
  • https://s.ad.smaato.net/c/?dspId=1001748&dspCookie=&gdpr=0&gdpr_consent=,&gdpr=0&gdpr_consent=, HTTP 302
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=331d97c4aa&gdpr=0&gdpr_consent=,,,
Request Chain 547
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBsS10rf4nBXNKMRBbe_m5s&google_cver=1&google_push=AXcoOmTRCBvA_wtgUgQEArcEgh0p64PkF00QIBW7cQfu7FGVIoh_n7QycXJRibO_WtDTikoDA9GVDqWr0dBSWkdr-9y7X3EsIqBvqg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NzFkZjEyOTgtNzQzZi00ZTU0LWJiMjctNzM1NmE2YmI4ZDZj&google_push=AXcoOmTRCBvA_wtgUgQEArcEgh0p64PkF00QIBW7cQfu7FGVIoh_n7QycXJRibO_WtDTikoDA9GVDqWr0dBSWkdr-9y7X3EsIqBvqg HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 548
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESENNJHrvSxYVO9eCeKAd3p5I&google_cver=1&google_push=AXcoOmRdNew5bPA63uIqRSPuMlF9Bp79DHJMESzdUD6iX0K207MKr-kMdRm01PRSErNwl1d_KA03tDbuK_km9WmH9XylXT7a8C2Rsw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRdNew5bPA63uIqRSPuMlF9Bp79DHJMESzdUD6iX0K207MKr-kMdRm01PRSErNwl1d_KA03tDbuK_km9WmH9XylXT7a8C2Rsw&google_hm=746ded221a01ed952t9qag00lqyz3mox
Request Chain 549
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEL7fxo3HPJiTeG7l9Y8k-v8&google_cver=1&google_push=AXcoOmS81eq29IKDF6Q4Fms2beb15dDDQD1pv1Kbxg6KBXbWd0_jDxiWxGpxtOu3IhXIbSaflzlHmiMQI21O4rK8fJ104pNSBkGhaA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjM2OTc5ODUwNjkzNzA4NzY1&google_gid=CAESEL7fxo3HPJiTeG7l9Y8k-v8&google_cver=1&google_push=AXcoOmS81eq29IKDF6Q4Fms2beb15dDDQD1pv1Kbxg6KBXbWd0_jDxiWxGpxtOu3IhXIbSaflzlHmiMQI21O4rK8fJ104pNSBkGhaA
Request Chain 555
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFLN3BVN0xMT1lBQUJaN1VheVJpdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAK7pU7LLOYAABZ7UayRiw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3011296250024499263&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAK7pU7LLOYAABZ7UayRiw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3011296250024499263%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3011296250024499263&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAK7pU7LLOYAABZ7UayRiw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAK7pU7LLOYAABZ7UayRiw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3011296250024499263%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3011296250024499263&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAK7pU7LLOYAABZ7UayRiw&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Request Chain 557
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6lyTE6PaS6qleWX35KfPdQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 558
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&ttd_puid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%2C%2C
Request Chain 561
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUE1QzkzMTMtQTNEQS00QkFBLUE1NzktNjVGN0U0QTdDRjc1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 562
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED_YHbpzPl2h2AzZ4FdV8O8&google_cver=1
Request Chain 563
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:42D3FF6D47FB4FDCBA093AD588E3B0A1
Request Chain 564
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=
Request Chain 566
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_AZKbVZE2uUQaXtmw..IYSa1_xfC3J8-~A&gdpr=0
Request Chain 567
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f&gdpr=0&gdpr_consent=
Request Chain 568
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7995778992001487599&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 571
  • https://id5-sync.com/i/1013/8.gif?id5id=ID5*ErV7mcwsu74ZGqb1O4oqShiIputm9eCyOAxnS9GbjdN6ADwRxytSqx2WgaG344SYegEPD1f4ojUOjt4QlOjaJw&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F108%2F7%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1013/108/7/2.gif?puid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&ttl=%%TTL%% HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F1245%2F5%2F4.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/1013/1245/5/4.gif?puid=H7yYaLZHttzIvJpmTweNNASm&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-add1v_2kFmrLuV1IWzXia1m5QxUk_xpL3XjjokqSew&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1013%2F124%2F4%2F5.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-add1v_2kFmrLuV1IWzXia1m5QxUk_xpL3XjjokqSew&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1013%2F124%2F4%2F5.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/1013/124/4/5.gif?puid=f501ae40-c8fe-4c1d-be07-b5ee7674725a&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F429%2F3%2F6.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/1013/429/3/6.gif?puid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F796%2F2%2F7.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1013/796/2/7.gif?puid=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F203%2F1%2F8.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/1013/203/1/8.gif?puid=dfd9c401-4826-49c5-a91b-134ec9897dcf&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=636979850693708765&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F1246%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/1013/1246/0/9.gif?puid=H7yYaLZHttzIvJpmTweNNASm&gdpr=0&gdpr_consent=
Request Chain 572
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LQYZ3LUL-20-86GL HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LQYZ3LUL-20-86GL
Request Chain 583
  • https://um.simpli.fi/gp_match?google_gid=CAESEOHJBl8Dzh61g2UmLWERRjM&google_cver=1&google_push=AXcoOmTyeB212Tt4T9HXPztwh8Hs__eri6mBqos5PrRMdCa3V_JpJjJtrra_3w1BSuooMXktwFngyxfAcrjhCyh0vMnLwUVxOGw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=42D3FF6D47FB4FDCBA093AD588E3B0A1&google_push=AXcoOmTyeB212Tt4T9HXPztwh8Hs__eri6mBqos5PrRMdCa3V_JpJjJtrra_3w1BSuooMXktwFngyxfAcrjhCyh0vMnLwUVxOGw
Request Chain 584
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESELLTgWPemF-TUCfpycq3CjI&google_cver=1&google_push=AXcoOmT5IjLxZ3JOR2WRTZWG-6koYOtHuR-Q0w0xpVhTduSjaZANujjLDkqv-n122ckEThxoRrgFXZfeC4nwr00x4aB3BR36OI4o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk2ZmY1YTgtNTA5YS00YWQ3LTllN2UtNWY2ZGZjYjQyMjA1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Request Chain 586
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_cver=1&google_push=AXcoOmTh3z7Mn8DP2Stluh1ij1awnPJBDrrfQKUbhsy5yzgyS3Tx3D5fhQrJbV62BWHEa9sRlxN_MZRnE6-cGg6BtU6KnFbcmpSH HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_push=AXcoOmTh3z7Mn8DP2Stluh1ij1awnPJBDrrfQKUbhsy5yzgyS3Tx3D5fhQrJbV62BWHEa9sRlxN_MZRnE6-cGg6BtU6KnFbcmpSH&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_hm=ZZZywtRGY3i0IrndgkdX3AAAC4EAAAIB&google_nid=index&google_push=AXcoOmTh3z7Mn8DP2Stluh1ij1awnPJBDrrfQKUbhsy5yzgyS3Tx3D5fhQrJbV62BWHEa9sRlxN_MZRnE6-cGg6BtU6KnFbcmpSH
Request Chain 587
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJCaOtKJW7ekA23FCQg88NY&google_cver=1&google_push=AXcoOmSrtqttLx1mq9iBfGcOKaLVxcpK-erv4myDlrUVPmzDr5JPJdv4cOtOjf9F0qqpx9Q_jSqjZtkRdb0BgGtgxzjQyN82e6Uc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSrtqttLx1mq9iBfGcOKaLVxcpK-erv4myDlrUVPmzDr5JPJdv4cOtOjf9F0qqpx9Q_jSqjZtkRdb0BgGtgxzjQyN82e6Uc&google_hm=MzAxMTI5NjI1MDAyNDQ5OTI2Mw%3D%3D
Request Chain 588
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOR97lrEJTwCDw-u45ueqd0&google_cver=1&google_push=AXcoOmQKzAfBto-zvUguZmyLhGXZxqg_i4P91fLLEUNK_2EDj0OsKtx5FHPHWK1RGcicQCI5KplHJKWTQM8tQrqpwWIfsY_riPkBxg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQKzAfBto-zvUguZmyLhGXZxqg_i4P91fLLEUNK_2EDj0OsKtx5FHPHWK1RGcicQCI5KplHJKWTQM8tQrqpwWIfsY_riPkBxg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 589
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEOZlhzfv5mpEmf14M4o30iA&google_cver=1&google_push=AXcoOmSPXLsmKsXwGOey7BRPVf9Xm2iyVpsCYo2oM7IEIevcncM6ahNdB_6pHUbWl7s0F3Yt1fiaHdsBXPG8revwLFk9UuF0sywIUg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSPXLsmKsXwGOey7BRPVf9Xm2iyVpsCYo2oM7IEIevcncM6ahNdB_6pHUbWl7s0F3Yt1fiaHdsBXPG8revwLFk9UuF0sywIUg
Request Chain 591
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Request Chain 592
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Request Chain 594
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=-1&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=19989a4361a90581&is_secure=true&networkId=17100&version=1&nuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAClYqgdsPlNAN7ny68AAAAAAA&expiration=1704444995&nuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&is_secure=true&gdpr_consent=&gdpr=-1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DEA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://router.infolinks.com/dyn/usersync?pmuservalue=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Request Chain 595
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=636979850693708765
Request Chain 596
  • https://match.sharethrough.com/universal/v1?supply_id=k0cy4N0g HTTP 302
  • https://router.infolinks.com/dyn/sthr-us?user_id=d47d5a5d-7b3c-413f-a3f9-885860ad57ae
Request Chain 597
  • https://pxl.iqm.com/i/ck/infolink?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fiqm-us%3Fuid%3D%7BIQM_COOKIE%7D%20 HTTP 302
  • https://router.infolinks.com/dyn/iqm-us?uid=2c6ff3ce-a40c-428a-83f4-3fb324b9cbe5
Request Chain 598
  • https://ssbsync.smartadserver.com/api/sync?callerId=112&gdpr=0&gdpr_consent= HTTP 302
  • https://router.infolinks.com/dyn/eqv-us?user_id=3011296250024499263&gdpr=0&gdpr_consent=
Request Chain 599
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
  • https://router.infolinks.com/dyn/ox-usync?uid=e2b90bcc-8c43-4ff2-9b7b-b646fb3061a5
Request Chain 600
  • https://ups.analytics.yahoo.com/ups/58786/sync?redir=true HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-inTcQAJE2uJrXK1z.nOxW2rmP9Kw_z7t~A HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3399&partner_device_id=y-inTcQAJE2uJrXK1z.nOxW2rmP9Kw_z7t~A HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=636979850693708765&pt=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%2C%2C
Request Chain 601
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7476441822 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/096ff5a8-509a-4ad7-9e7e-5f6dfcb42205 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-d414429b-91ca-4e66-977e-78ebb86b19bc-005%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&expires=30
Request Chain 602
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=oaPM0sJO2eiGBZGXbFb6
Request Chain 603
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID HTTP 302
  • https://router.infolinks.com/dyn/tplift?uid=2470123173329690347838
Request Chain 604
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP 302
  • https://router.infolinks.com/dyn/sonobi-usync?uid=6e6e8eff-b5f9-4db9-b257-c5768bc40410
Request Chain 606
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-9hTXqVpE2uF7w27tuBIAokOn_asCwVk1~A
Request Chain 607
  • https://sync.adkernel.com/user-sync?zone=208912&t=image&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fqora-usync%3Fuid%3D%7BUID%7D HTTP 302
  • https://ap.lijit.com/pixel?&redir=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D208912%26dsp%3D420324%26t%3Dimage%26uid%3D%24UID HTTP 307
  • https://sync.adkernel.com/user-sync?zone=208912&dsp=420324&t=image&uid=H7yYaLZHttzIvJpmTweNNASm HTTP 302
  • https://router.infolinks.com/dyn/qora-usync?uid=A6889557712162601980
Request Chain 608
  • https://ads.stickyadstv.com/user-matching?id=3695&gdpr=&gdpr_consent= HTTP 302
  • https://router.infolinks.com/dyn/frwh-us?user_id=ba29f0725862814f34312b35923b1c62&gdpr_consent=&gdpr=
Request Chain 609
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=H7yYaLZHttzIvJpmTweNNASm
Request Chain 610
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=-1&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=173b4786db7c069b&is_secure=true&networkId=17100&version=1&nuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABcSc2fYNP5AMmLK9uAAAAAAA&expiration=1704444995&nuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&is_secure=true&gdpr_consent=&gdpr=-1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Request Chain 611
  • https://cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E HTTP 302
  • https://router.infolinks.com/dyn/mnet-usync?uid=3473601931523688000V10
Request Chain 612
  • https://cm-x.mgid.com/5abf3d2eff2f70c0a0669cd9f0f84ba0.gif?puid=[UID]&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmgid-us%3Fuser_id%3D%5BUID%5D HTTP 302
  • https://router.infolinks.com/dyn/mgid-us?user_id=24e02afd-9be6-4ed8-9445-99318014a9e7
Request Chain 613
  • https://sync.1rx.io/usersync2/rmpssp?sub=infolinks HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2597021795 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/096ff5a8-509a-4ad7-9e7e-5f6dfcb42205 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-d414429b-91ca-4e66-977e-78ebb86b19bc-005%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&expires=30
Request Chain 614
  • https://cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0 HTTP 302
  • https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=ZtxDc2fbGXd93k52Y9tXdmOIHyB92htwZ92ZQUBk
Request Chain 615
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=1797288129605757534
Request Chain 616
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks HTTP 302
  • https://router.infolinks.com/dyn/disus?uid=ua-d400ded6-2d9e-327e-a8ba-f5c0ce55b761
Request Chain 617
  • https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X HTTP 302
  • https://router.infolinks.com/dyn/33a-usync?uid=212406146400894
Request Chain 618
  • https://router.infolinks.com/dyn/iq-usync HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=8d0b7f0c-bc31-4eca-a0a1-6a1e574956ed&3rddpi=1810047279&3rdpcid=2c6ff3ce-a40c-428a-83f4-3fb324b9cbe5&3rddpi=1639354730&3rdpcid=y-9hTXqVpE2uF7w27tuBIAokOn_asCwVk1%7EA&3rddpi=1634346717&3rdpcid=oaPM0sJO2eiGBZGXbFb6&3rddpi=1213503647&3rdpcid=y-inTcQAJE2uJrXK1z.nOxW2rmP9Kw_z7t%7EA&3rddpi=1239766150&3rdpcid=e2b90bcc-8c43-4ff2-9b7b-b646fb3061a5&3rddpi=443164713&3rdpcid=ZtxDc2fbGXd93k52Y9tXdmOIHyB92htwZ92ZQUBk&3rddpi=1023151617&3rdpcid=d47d5a5d-7b3c-413f-a3f9-885860ad57ae HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=8d0b7f0c-bc31-4eca-a0a1-6a1e574956ed&3rddpi=1810047279&3rdpcid=2c6ff3ce-a40c-428a-83f4-3fb324b9cbe5&3rddpi=1639354730&3rdpcid=y-9hTXqVpE2uF7w27tuBIAokOn_asCwVk1%7EA&3rddpi=1634346717&3rdpcid=oaPM0sJO2eiGBZGXbFb6&3rddpi=1213503647&3rdpcid=y-inTcQAJE2uJrXK1z.nOxW2rmP9Kw_z7t%7EA&3rddpi=1239766150&3rdpcid=e2b90bcc-8c43-4ff2-9b7b-b646fb3061a5&3rddpi=443164713&3rdpcid=ZtxDc2fbGXd93k52Y9tXdmOIHyB92htwZ92ZQUBk&3rddpi=1023151617&3rdpcid=d47d5a5d-7b3c-413f-a3f9-885860ad57ae&ckls=true&ci=fdgDXCEEHQ&nc=false&trid=1161958804
Request Chain 619
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQYZ3LUL-20-86GL
Request Chain 620
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQYZ3LUL-20-86GL&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQYZ3LUL-20-86GL&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 621
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQYZ3LUL-20-86GL
Request Chain 622
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=75VtjvQJUThyUo15rWbu4SaEdkQ
Request Chain 623
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=4c274e16-0996-4920-97e8-8091cd32e709
Request Chain 624
  • https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=3718888275283899047
Request Chain 625
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=dfd9c401-4826-49c5-a91b-134ec9897dcf
Request Chain 626
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQYZ3LUL-20-86GL
Request Chain 627
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7995778992001487599&expires=60&gdpr=0&gdpr_consent=
Request Chain 628
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=636979850693708765&expires=30
Request Chain 629
  • https://sync.1rx.io/usersync2/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=925205737 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/096ff5a8-509a-4ad7-9e7e-5f6dfcb42205 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-d414429b-91ca-4e66-977e-78ebb86b19bc-005%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&expires=30
Request Chain 630
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 631
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQYZ3LUL-20-86GL
Request Chain 632
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404 HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQYZ3LUL-20-86GL
Request Chain 633
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQYZ3LUL-20-86GL&name=RUBICON
Request Chain 634
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LQYZ3LUL-20-86GL HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005
Request Chain 667
  • https://id5-sync.com/s/441/9.gif?puid=u_ef05a4f4-ea21-4132-8f9b-509d7f0f4b21&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/441/434/8/2.gif?puid=6e6e8eff-b5f9-4db9-b257-c5768bc40410&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/2/7/3.gif?puid=636979850693708765&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F6%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/203/6/4.gif?puid=dfd9c401-4826-49c5-a91b-134ec9897dcf&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F796%2F5%2F5.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/796/5/5.gif?puid=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&ttl=%%TTL%% HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAK7pU7LLOYAABZ7UayRiw&id5AccountNum=155&numCascadesAllowed=9
Request Chain 670
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=VEcF888LLF8ncRyQhGBf HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=636979850693708765&pt=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%2C%2C
Request Chain 671
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LQYZ3LUL-20-86GL
Request Chain 672
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=636979850693708765&pn_id=an
Request Chain 673
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=pGp0OXObzqUD&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Request Chain 674
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DEA5C9313-A3DA-4BAA-A579-65F7E4A7CF75%26gdpr%3D-1%26gdpr_consent%3D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=-1&gdpr_consent=
Request Chain 675
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&expiration=1706950595&gdpr=0&gdpr_consent=
Request Chain 676
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZZywm0kJuFq_2paTsMZ7QAABncAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_cver=1
Request Chain 677
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZZywm0kJuFq-2paTsMZ7QAA%261655&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZZywm0kJuFq-2paTsMZ7QAA%261655&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=acb33ec328914effa1f7705c73607972 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=acb33ec3-2891-4eff-a1f7-705c73607972 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26pid%3D500040%26it%3D1%26iv%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26_%3D1704358595.7647069&cb=1704358595.764751 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288129605757534&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26pid%3D500040%26it%3D1%26iv%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26_%3D1704358595.7647069 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&pid=500040&it=1&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&_=1704358595.7647069 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704358595.7647069&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
Request Chain 679
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=970314647640213723
Request Chain 680
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZZZywm0kJuFq_2paTsMZ7QAABncAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZZZywm0kJuFq_2paTsMZ7QAABncAAAIB
Request Chain 682
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c11e053f-b607-4b5d-8ab0-dc58f3d0ecd2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 688
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=6583bcd7-870f-5d48-2d9d-ca47265a84f2 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=1fvibwpsys9n4
Request Chain 689
  • https://sync.srv.stackadapt.com/sync?nid=268 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=75VtjvQJUThyUo15rWbu4SaEdkQ
Request Chain 690
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=d6a01db8-cded-4430-ac21-1af5e7a5ca01&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZZZyw_ZVWwS9bs1nA8HEhcKA
Request Chain 691
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=FnijYTYRwVA8wM0D0I7-ig==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 692
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f
Request Chain 693
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553&gdpr=0&gdpr_consent=
Request Chain 709
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=Cs5eswHKWZea0F73SjvQPvqCBwAft8s2SdbrlrZqYEoKah5-iDhABINjV2CtgyYaAgNyjxBCgAYvliMUDyAEJ4AIAqAMByANIqgSVAk_QqGUBiq41WCxHnSqqEISQk9n3QGS8tsQFG2rfxW5w1aW0U9FvibrJTPQwQrEj29ge40g1rUNQiGn1Oqm47J-GPjphqYI-cbiaYon3-t0ETLMlxFOyD06Tx-XSgt7xESUyW58JQXnq8QMzij6eqFbtdy6qKIdZx2P3WjMx6is-UtiP-pxY8kM6esM36l3QfhUgrMlbvQhHyxRulJICX2u-IScs0V0icBECSXoQYzpmCjJILhY5W03PXcwjqM8yQDKvGpOquPFdnZrMEQ3juGaHA4i8RfrWJ7rXrjDjic1uwFcbYqO5T116Mp1n8YMy7VTiM35jlWeEncg4RQdQ9kaFSUvZbBKIG5zbBG4YA8WT_UbOqO3ABPyoobzfAeAEAYgF8aeYtAOgBi6AB92a9zqoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBC16QfSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WLDE3sOuw4MDmglPaHR0cHM6Ly93d3cubWlhbWlkYWRlLmdvdi9nbG9iYWwvbmV3cy1pdGVtLnBhZ2U_TWR1aWRfbmV3cz1uZXdzMTY5MjAxNjIwNjcxMTUzNIAKA8gLAdoMEQoLEJC5zZeCpoa6rAESAgED4g0TCL3u3sOuw4MDFT2pgwgdPlAAeNgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi05NTE3MTg1MTA2MjgzNjgyGJjbEA&sigh=zqBY5fyNdog&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_UJzxIb7iA7nrkSeJ0mgkElYac-0oKYYpi0OZJhucTcLTRUPNMVfuVGiJ2_4bwPnMWlDNbRX4OxgB&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4eb282a4bea46a430000000000000000%22,%222%22:%220x8188763280b65c0d0000000000000000%22,%223%22:%220x57a71576560c42330000000000000000%22,%224%22:%220x47465ee25d7fbc5a0000000000000000%22,%225%22:%220x7d798568ccb896ee0000000000000000%22},%22debug_key%22:%2212915839673057447507%22,%22debug_reporting%22:true,%22destination%22:%22https://miamidade.gov%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22950153867%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214449335318488123057%22}&andc=true
Request Chain 713
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CvPZXv3KWZa_SG-O7oPMP76KRoAfn0qb2dNaJv97-EbCQHxABII3V3iRgyYaAgNyjxBCgAffim7QoyAECqAMByAPJBKoE3wFP0A4O6KbfIemDuBo_2jTFoi3QxsFZZ-3X_cXbNoS7bE3sGjJpv2Sq6o9_QGPv24-jqEU7Eklw9oKRkbSovj7ZnwfJrQlE3b60DKy1WIb74KWeJPStGw6qiW1edkFRVSiTDh3-bTSJUA-9Ln7CPujNkgnu31hLzAvC1Tz8GQX3kgCDs8inSc2l4bfcBOaD9LjI0NYrOTgcDRlMSoubGiUH3VS97Y2V4xLLssgsSk9b7CH4zVp5GOV5alt_VA4CoHRWVOpGKzb1nBlNzihIdDPWwEGPEnjkoNpkChe5Y2TSwATh9_fhgQSIBZeb65FDkgUECAQYAZIFBAgFGASgBgKAB_ea7JMDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQzeIk0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljmlKfDrsODA5oJRGh0dHBzOi8vZnJlZS53ZWJjb21wYW5pb24uY29tL21pbmltZS8_YnRuPXN0YXJ0JmNhbXBhaWduPTE4MDIyNTgzNzAzgAoByAsBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7EC2gwQCgoQkOGi7ti03uJPEgIBA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi03MTA5ODY0MjU5MzQ4OTM4GAA&sigh=fiqeqY0u__k&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_fJ7nzj3g-nhwVP9V4dFgNkT-XwTdytD_p4cxu5e8pUKCSW5-YuN03N8g4xtw6lt0gUBZRNfW2ht2S10wBjrzPUuQvladGIC_z0IYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x88bda9d5f88dda8b0000000000000000%22,%222%22:%220x423cbe006ac2c4a0000000000000000%22,%223%22:%220xbd10b0b582b87890000000000000000%22,%224%22:%220xce78b6ec0c64cf0a0000000000000000%22,%225%22:%220xe08f966ee3927f020000000000000000%22},%22debug_key%22:%2211538322674021617687%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221330797567572316177%22}&andc=true
Request Chain 719
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CPJ7kv3KWZce2GsHPoPMPmvCOaOfSpvZ01om_3v4RsJAfEAEgjdXeJGDJhoCA3KPEEKAB9-KbtCjIAQKoAwHIA8kEqgTfAU_QUUfmFL7IR9kkcxorlFfSLD0h2qBefLo38A-swOCjPFOOn3JH-Qm52YsxDxxP5u3WTyDU-jWyOwpgdSNj_2VjPewGubl_g_gWWpHBtxzMElum2-9vkrUcff_YHOBY0WGC4kiyVlVaEFFTgU-g85t5DuuFqrZhVxgEARdUtGf2EUHaP1Jd2miuzsFHr_JaVdLpkhSaeAmmp_x8Hqo9Pf8rZGJm8VuAXT5-zTPc9tf-O17OeoywuL7kUf0boi4xlKvySrL3yHAosYmXovtS9-lFIT09s02ALuTY8falWWrABOH39-GBBIgFl5vrkUOSBQQIBBgBkgUECAUYBKAGAoAH95rskwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDQqVbSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WM75pcOuw4MDmglEaHR0cHM6Ly9mcmVlLndlYmNvbXBhbmlvbi5jb20vbWluaW1lLz9idG49c3RhcnQmY2FtcGFpZ249MTgwMjI1ODM3MDOACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAtoMEQoLELDfhNDGkOXWjgESAgED2BMN0BUBgBcBshccChoIABIUcHViLTcxMDk4NjQyNTkzNDg5MzgYAA&sigh=902y7QC-OG8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_O4bZfqpcj2LXGxnabm63VIF1j8XYhkiL9vkfJFsZ_6-VAFlzmbKYhkzUbGdy95Gti_oPjWeKYJtsUVBKlr4MMi5fL7Sy1xd5CRgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x88bda9d5f88dda8b0000000000000000%22,%222%22:%220x423cbe006ac2c4a0000000000000000%22,%223%22:%220xbd10b0b582b87890000000000000000%22,%224%22:%220xce78b6ec0c64cf0a0000000000000000%22,%225%22:%220xe08f966ee3927f020000000000000000%22},%22debug_key%22:%2213831010329402346234%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229936389462637891793%22}&andc=true
Request Chain 720
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26userId%3D%5BUID%5D HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=sonobi&gdpr=0&gdpr_consent=&us_privacy=1---&userId=6e6e8eff-b5f9-4db9-b257-c5768bc40410
Request Chain 730
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CAfbCv3KWZe_HGYbLoPMPx5KaoA6em_r2dMXm7bakEpeWjN_aDxABII3V3iRgyYaAgNyjxBCgAZup4LkDyAECqAMByAPJBKoE3wFP0BwNn4A1QiZUn5zXgCnZWo1QzyXHstTxuIelwBQl2hUS9chn7W0YgBQfQhyp1dZS_cK7RYJYA659hMC4RhTpFjszPpjr1FN4D3dN6wdzOgCG1261sR1gf4_XK2aBuIO8E-Yg7SljKQDGlpJFpg7-lTy1RNeJTmICQDhotRzEBuRpYJZHdjd5PgHGs3sPqxd5TYSZWvWetxYJo9fOEkgPzX0nBX0eV2y3ILlNxsJIzQ-yAJNNZis-SG18P3FLMYmhrALHkFS1AFbSZ_C2Y1bR6fJUQMgbo6bQMiO2IIiFwATA3KnI3QOIBfif0LMjkgUECAQYAZIFBAgFGASgBgKAB83Wn0aoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCflRvSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WJ2ApcOuw4MDmglHaHR0cHM6Ly93d3cuYW1hem9uLmNvbS9zdG9yZXMvcGFnZS84RDE2QzkxMC1FM0Y2LTRENjMtQkY5OC01Q0E2OUJGNTg2RDKACgHICwGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQLaDBEKCxCAjO3Dlo-Awq4BEgIBA9gTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi03MTA5ODY0MjU5MzQ4OTM4GACyGAUYAiIBAA&sigh=b4cbnwfg8qs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_7sxDUxz92TpxZVs77EeSLg5bw7nuMUstqRdH6XBnC1idIS0pAr9jjZvktZ6XvnZu90Dfzh6WhafA8nK7D3ctf-hr-SHPjnAVsykYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2d4fb2d177ea12dd0000000000000000%22,%222%22:%220x4241a4ab9dd5b8c60000000000000000%22,%223%22:%220xcdb6433e56e3d7890000000000000000%22,%224%22:%220x96cfb8a380295a1b0000000000000000%22,%225%22:%220xf6ceb574acadaf8e0000000000000000%22},%22debug_key%22:%226272100905726722113%22,%22debug_reporting%22:true,%22destination%22:%22https://amazon.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22926422171%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221428898484055820689%22}&andc=true
Request Chain 731
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Request Chain 734
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704358595480&pubconsent=&euconsent=&hasConsent=1 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704358595480&pubconsent=&euconsent=&hasConsent=1&rd=1
Request Chain 738
  • https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=d47d5a5d-7b3c-413f-a3f9-885860ad57ae&gdpr=0
Request Chain 739
  • https://bh.contextweb.com/bh/rtset?pid=562983&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpulsepoint%3Fchanneluid%3D%25%25VGUID%25%25 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=pGp0OXObzqUD&ev=1&us_privacy=1---&pid=562983
Request Chain 741
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID HTTP 302
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=636979850693708765
Request Chain 742
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=1---&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=1---&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=3011296250024499263
Request Chain 743
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__ HTTP 302
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=oaPM0sJO2eiGBZGXbFb6&gdpr=0&us_privacy=1---
Request Chain 744
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Request Chain 745
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cm.mgid.com/m?cdsp=146480&gdpr=0&gdpr_consent=&us_privacy=1---&adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dseedtag%26user_id%3D%7Bmuidn%7D%26bsw_param%3D97c6f5a2-cd54-4303-8f86-b973f7a4e46c%26expires%3D10%26gdpr%3D0%26gdpr_consent%3D HTTP 307
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dseedtag%26user_id%3D%7Bmuidn%7D%26bsw_param%3D97c6f5a2-cd54-4303-8f86-b973f7a4e46c%26expires%3D10%26gdpr%3D0%26gdpr_consent%3D&cdsp=146480&gdpr=0&gdpr_consent=&us_privacy=1---&sct=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=303&ssp=seedtag&user_id=o04z1rxEQCU0&bsw_param=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&expires=10&gdpr=0&gdpr_consent= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=
Request Chain 746
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D&rd=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/richaudience?channeluid=661a61ac-6bee-4892-8121-1zz1704358498
Request Chain 748
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZZZywtRGY3i0IrndgkdX3AAA%262945
Request Chain 749
  • https://ups.analytics.yahoo.com/ups/58427/occ HTTP 302
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-JP.Vh.lE2uGvl0.zsOpjSoqbNwgMv_V7rU6qGgA-~A
Request Chain 750
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID HTTP 303
  • https://s.seedtag.com/cs/cookiesync/adform?channeluid=3718888275283899047
Request Chain 751
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID HTTP 307
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=H7yYaLZHttzIvJpmTweNNASm
Request Chain 752
  • https://u.openx.net/w/1.0/cm?id=e297ef35-c932-4587-9b44-3838020a33e7&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fopenx%3Fchanneluid%3D%7BOPENX_ID%7D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/openx?channeluid=9b77700b-462c-4cab-8c2d-327063743480
Request Chain 753
  • https://event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mkc77c4c75bd6243e4b341723856fa140d
Request Chain 754
  • https://creativecdn.com/cm-notify?pi=seedtag HTTP 302
  • https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=gVXHfCgGgQqeNbFHmIzn3tA36R2nBpmyXgt9ywnHj5g&pi=seedtag
Request Chain 755
  • https://t.adx.opera.com/pub/sync?pubid=pub9283744565120 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU88a2c345cef749f9ad89dcd7e5d07206
Request Chain 760
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=ba8cb3b4-4c4a-4670-8cab-e43f5583917f
Request Chain 761
  • https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=H7yYaLZHttzIvJpmTweNNASm
Request Chain 762
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=pGp0OXObzqUD&ev=1&pid=562763
Request Chain 763
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZZZywtRGY3i0IrndgkdX3AAA%262945
Request Chain 764
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=636979850693708765
Request Chain 765
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F34361%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/34361?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=7104abb1-a97a-4605-b391-df0f51751199&bidder=appnexus&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=636979850693708765 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=7104abb1-a97a-4605-b391-df0f51751199
Request Chain 766
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=6e6e8eff-b5f9-4db9-b257-c5768bc40410
Request Chain 767
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6985%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=VEcF888LLF8ncRyQhGBf&gdpr=&gdpr_consent=&us_privacy=
Request Chain 771
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 772
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704358595193.6&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 773
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4a708add-0e53-4734-a44e-5c66e044d0b5&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=97c6f5a2-cd54-4303-8f86-b973f7a4e46c
Request Chain 774
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-SIIVgllE2uGjpi8G.pNW4Z.Adup1m_28~A
Request Chain 775
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4e8f27a3fdfb05ee&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAB9JqETkMN5AMVnG6VAAAAAAA&expiration=1704444995&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB9JqETkMN5AMVnG6VAAAAAAA&ts=1704358595&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 776
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2470123173329690347838 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2470123173329690347838&ts=1704358595&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 789
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEL4z2zmWufhI6acOCxRSeUs&google_cver=1&google_push=AXcoOmSvnyUsRIM1icqi70TXBrLia1ilBvKBg7QeFwwFXT8HoOKYOISSAdhVVDzoVDjcEfl0KMZrpp08rUfATNHcrgZeXSHayK5Z&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSvnyUsRIM1icqi70TXBrLia1ilBvKBg7QeFwwFXT8HoOKYOISSAdhVVDzoVDjcEfl0KMZrpp08rUfATNHcrgZeXSHayK5Z%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL4z2zmWufhI6acOCxRSeUs&google_cver=1&google_push=AXcoOmSvnyUsRIM1icqi70TXBrLia1ilBvKBg7QeFwwFXT8HoOKYOISSAdhVVDzoVDjcEfl0KMZrpp08rUfATNHcrgZeXSHayK5Z&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSvnyUsRIM1icqi70TXBrLia1ilBvKBg7QeFwwFXT8HoOKYOISSAdhVVDzoVDjcEfl0KMZrpp08rUfATNHcrgZeXSHayK5Z%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 790
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEGCCwLJhQOhcOwXIrg24HBM&google_cver=1&google_push=AXcoOmT6Ayx3buKDWybvKt4LC4NliRfU7EfULxJI0oe8itdRDOfY-6MY3Nn559ZxcBufIDZNxyIwpGi756YqT_JMmdUf-BBQlmM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmT6Ayx3buKDWybvKt4LC4NliRfU7EfULxJI0oe8itdRDOfY-6MY3Nn559ZxcBufIDZNxyIwpGi756YqT_JMmdUf-BBQlmM&google_hm=UjMzNjQ1XzEwRUMwQzBGM19DRDAxMTk5NQ%3D%3D
Request Chain 791
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIu-tceeFS8IAp1WF8W20W0&google_cver=1&google_push=AXcoOmQiy1w3v55a4UGw_H4BnTxZYvbPJla_UGeuDW19dJLcXg0u6gdfEwwbBup3RQy36oEs7SkTKCRR2BcdmzFbRE2gcFtaE-BA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzcxODg4ODI3NTI4Mzg5OTA0Nw&google_push=AXcoOmQiy1w3v55a4UGw_H4BnTxZYvbPJla_UGeuDW19dJLcXg0u6gdfEwwbBup3RQy36oEs7SkTKCRR2BcdmzFbRE2gcFtaE-BA
Request Chain 792
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOR97lrEJTwCDw-u45ueqd0&google_cver=1&google_push=AXcoOmQLEpAD3htET7WY7O3XW24VYE260bQaJyknrG_iI4MwRvD3PI3-16g2QEMH0Wkl4A5_3e7EJ-GeTo0P3PVcJt8XUApbVYBE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQLEpAD3htET7WY7O3XW24VYE260bQaJyknrG_iI4MwRvD3PI3-16g2QEMH0Wkl4A5_3e7EJ-GeTo0P3PVcJt8XUApbVYBE
Request Chain 793
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJCaOtKJW7ekA23FCQg88NY&google_cver=1&google_push=AXcoOmR8SiLhzvg1bj8tgGmF2grzH3nvQwx5Lp-9i9H8TLw2SSu-vBmLycM_X8rlDnKa1dlO3vgziEMOBzVXS2q4411Ssbodak8I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR8SiLhzvg1bj8tgGmF2grzH3nvQwx5Lp-9i9H8TLw2SSu-vBmLycM_X8rlDnKa1dlO3vgziEMOBzVXS2q4411Ssbodak8I&google_hm=MzAxMTI5NjI1MDAyNDQ5OTI2Mw%3D%3D
Request Chain 794
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEA4dwdir5C8Q6Lez_9kQLDc&google_cver=1&google_push=AXcoOmQjVY_XD1tAHBpMKYNCYaZeLFvaf9LtwKbRnGCE6kIHhxmpL7FzsN1B2Tdzj_Q6EnJ_CvaYrkIkp-R8CDhyOuFbR1IUOFET HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDQ3ZDVhNWQtN2IzYy00MTNmLWEzZjktODg1ODYwYWQ1N2Fl&google_push=AXcoOmQjVY_XD1tAHBpMKYNCYaZeLFvaf9LtwKbRnGCE6kIHhxmpL7FzsN1B2Tdzj_Q6EnJ_CvaYrkIkp-R8CDhyOuFbR1IUOFET
Request Chain 795
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEBpzweG2ZaFi22d8FlhF9Qs&google_cver=1&google_push=AXcoOmRQcgiEJcT9NwZmpDux2_I9Vke3aHQlsAAD0nicXNeh8j02EYsKI6eeWwlY4KVqdd1iHG6mk1RS2J_Grwg39FUCoU2DyIELTQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=CAws9VDNGkqPo7zLnWmRKg&google_push=AXcoOmRQcgiEJcT9NwZmpDux2_I9Vke3aHQlsAAD0nicXNeh8j02EYsKI6eeWwlY4KVqdd1iHG6mk1RS2J_Grwg39FUCoU2DyIELTQ
Request Chain 800
  • https://tracker.exchange.amitydigital.io/sync?id=11&uid=8d0b7f0c-bc31-4eca-a0a1-6a1e574956ed HTTP 302
  • https://router.infolinks.com/dyn/amd-us?user_id=e8ada473-c67f-217f-2b24-39cc63c74461
Request Chain 801
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=8d0b7f0c-bc31-4eca-a0a1-6a1e574956ed=&partner_id=3337&partner_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fta-usync%3Fuid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%252Chttps%25253A%25252F%25252Frouter.infolinks.com%25252Fdyn%25252Fta-usync%25253Fuid%25253D3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%252C HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%252Chttps%25253A%25252F%25252Frouter.infolinks.com%25252Fdyn%25252Fta-usync%25253Fuid%25253D3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=05661250126780334361948498372883485275&pt=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%2Chttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fta-usync%253Fuid%253D3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%2C HTTP 302
  • https://router.infolinks.com/dyn/ta-usync?uid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385
Request Chain 802
  • https://sync.adkernel.com/user-sync?zone=202694&t=image&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F152mus%3Fuid%3D%7BUID%7D HTTP 302
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202694%26dsp%3D639242%26t%3Dimage%26uid%3D%24UID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=202694&dsp=639242&t=image&uid=636979850693708765 HTTP 302
  • https://router.infolinks.com/dyn/152mus?uid=A6889557712162601980
Request Chain 803
  • https://e.serverbid.com/usersync?cspi=154&ttt=1&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fcons-us%3Fuser_id%3D%24%7BUID%7D HTTP 302
  • https://router.infolinks.com/dyn/cons-us?user_id=d6c96a57362a4209896a57362a820900
Request Chain 804
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=636979850693708765&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 805
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=636979850693708765&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 806
  • https://dis.criteo.com/dis/usersync.aspx?r=70&p=120&cp=adyoulike&cu=1&url=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fis_cookie_sync_uid%3Dtrue%26uid%3D4246a50e6cf42e85f26c381a4b7701fb%26name%3DCRITEO%26visitor%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=dfd9c401-4826-49c5-a91b-134ec9897dcf
Request Chain 807
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=gVXHfCgGgQqeNbFHmIzn3tA36R2nBpmyXgt9ywnHj5g&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Request Chain 808
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adyoulike HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3718888275283899047&ssp=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&name=BIDSWITCH&gdpr=&gdpr_consent=
Request Chain 810
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAK7pU7LLOYAABZ7UayRiw&name=BEESWAX
Request Chain 811
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&name=THE_TRADE_DESK
Request Chain 812
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=oaPM0sJO2eiGBZGXbFb6&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 813
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=oaPM0sJO2eiGBZGXbFb6&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 814
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=c11e053f-b607-4b5d-8ab0-dc58f3d0ecd2%20&gdpr_consent=null&gdpr=0
Request Chain 815
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10EC0C0F3_CD011995&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 816
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09ff220400dbed7046430cc2&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Request Chain 817
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-ef956d8e-f409-5138-7252-8d79ad66eee1$ip$38.132.118.68&name=STACKADAPT&gdpr=0&gdpr_consent=
Request Chain 818
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=d43f5c03-b56a-48c4-be6b-bb4923127fef&gdpr=0&gdpr_consent=
Request Chain 819
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67019618f4c5f35f52e%26visitor%3D%24%24visitor_cookie%24%24%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=196a60dc5be448d19d2517c4d452c5f6&gdpr=0&gdpr_consent=
Request Chain 822
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=4c274e16-0996-4920-97e8-8091cd32e709&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 836
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cn8TNv3KWZdaEGozUoPMPmryl2A-TjLf-c6D_wKG2Eoe0_J_cAhABII3V3iRgyYaAgNyjxBCgAdm89-4pyAEJqAMByAPLBKoE-QFP0M8UMurrxN_BiKIUiQHfVx4_xw3CMPmx7Bz6jSi3e2bwQqT6cb0KhTeK5LMsTMIQIcmzLeECG2CNISls2CGG_hKr65O7PklL_VUMGddPVsgQ7e-WJ-7xEsW64zRUrpwJZ2-7oShO-xvg_GkE-WmU0yv5i96c-EUtp9Incg-xSmOc7qFn7ada0w1rdM3pfLptcSRi1xbOC_n24EXd4BA3ruyhCdCArO_kP0NVHZvSEdSlJwjg5umMOVoV4aTB9dDeTC-UQRnUwYHc3Zmkx9pEUoiiMPrOdLRjXkESS9R4u2D7uuyV_lgmVEfGM3uXyBtyVugHKJkl16nABKvSu9q8BIgFue-_3EuSBQQIBBgBkgUECAUYBKAGLoAH2fTHzgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDn-BfSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WKrCpcOuw4MDmgkhaHR0cHM6Ly93d3cuc20zNjBwaG90b2Jvb3Rocy5jb20vgAoByAsBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7EC2gwQCgoQwN7lt-CUyudVEgIBA7gTiATYEwrQFQGAFwGyFxwKGggAEhRwdWItNzEwOTg2NDI1OTM0ODkzOBgA&sigh=25Vt7w6UDbg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_KE-4XhJSDSFWKbHqY0458Kz1iLcY8gTwTN2EH0TOxJ_Y26smM6_aHerGTlp3ihNB_WbLsUIrUwxeMDYRd8G2wv2_YQSMFgzySxgB&template_id=520&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd3414ed2c1023b730000000000000000%22,%222%22:%220x31f9b5cb0151b1f40000000000000000%22,%223%22:%220xc3bff8ed96d3c40b0000000000000000%22,%224%22:%220xed51192e8e5075680000000000000000%22,%225%22:%220x46ece16e33c37eca0000000000000000%22},%22debug_key%22:%229039211009992912007%22,%22debug_reporting%22:true,%22destination%22:%22https://sm360photobooths.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211238497881%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229279240488061552961%22}&andc=true
Request Chain 840
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 841
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 843
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Request Chain 850
  • https://id.a-mx.com/sync?tao=1&&do=duperb-shop.ngontinh24.com HTTP 302
  • https://c3.a-mo.net/b?uid=d4df4ddf-5b8c-4063-915f-64c3f4432203&sh=id.a-mx.com& HTTP 302
  • https://id.a-mx.com/set?oid=d4df4ddf-5b8c-4063-915f-64c3f4432203&uid=7104abb1-a97a-4605-b391-df0f51751199&
Request Chain 851
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=7104abb1-a97a-4605-b391-df0f51751199&gdpr=0&us_privacy=1--- HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-7815646130085081724 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=97c3dfbc-1351-5304-b931-afcfdca7dd0b&ssp=adaptmx&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 852
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=7104abb1-a97a-4605-b391-df0f51751199 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-JP.Vh.lE2uGvl0.zsOpjSoqbNwgMv_V7rU6qGgA-~A
Request Chain 853
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%3Damx_com%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=amx_com&uid=7104abb1-a97a-4605-b391-df0f51751199
Request Chain 854
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=openx&uid=f0f0a692-2608-4b97-b138-41a182cc06bd
Request Chain 855
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=adform&uid=3718888275283899047
Request Chain 856
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D7104abb1-a97a-4605-b391-df0f51751199%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%3Dpubmatic%26uid%3DEA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=pubmatic&uid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Request Chain 857
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?us_privacy=1---&A=7104abb1-a97a-4605-b391-df0f51751199&bidder=index_rtb&uid=ZZZywtRGY3i0IrndgkdX3AAA%262945
Request Chain 858
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=sovrn&uid=H7yYaLZHttzIvJpmTweNNASm
Request Chain 859
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=appnexus&uid=636979850693708765
Request Chain 869
  • https://cs.media.net/cksync?cs=30&type=vdz&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dmedianet%26userId%3D%3Cvsid%3E%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=medianet&userId=3473601931523688000V10&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 871
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=pGp0OXObzqUD&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 872
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=oaPM0sJO2eiGBZGXbFb6&gdpr=0
Request Chain 873
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09ff220400ac3a23ca72f859&gdpr=0&gdpr_consent=
Request Chain 874
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=
Request Chain 883
  • https://ssc-cms.33across.com/ps/?_=1704358596036.&ri=0015a00003HljHyAAJ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212406146400894&gdpr=0&gdpr_consent=
Request Chain 884
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1706950596%26external_user_id%3D096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Request Chain 886
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3De65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553%26partner_url%3Dhttps%253A%252F%252Fssc-cms.33across.com%252Fps%252F%253Fus_privacy%253D%2526xi%253D45%2526xu%253De65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3De65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553 HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553
Request Chain 887
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=120&xu=75VtjvQJUThyUo15rWbu4SaEdkQ HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=75VtjvQJUThyUo15rWbu4SaEdkQ&ts=1704358596&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 892
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=a7d15b6955d88365d25d0be6e72b1200
Request Chain 896
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D656033%26a%3D482928%26domain%3Dvisitor.omnitagjs.com HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=f0f0a692-2608-4b97-b138-41a182cc06bd&traffic_source=snippet&session=78A324727F68D62D&sp=750078&pb=612004&c=656033&a=482928&domain=visitor.omnitagjs.com
Request Chain 899
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D$UID HTTP 307
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?gdpr=0&euconsent=&uid=H7yYaLZHttzIvJpmTweNNASm
Request Chain 900
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=661a61ac-6bee-4892-8121-1zz1704358498 HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Drichaudience%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=richaudience&user_id=tZQJM4Kg_ijSelwA1Pu20 HTTP 302
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=&gdpr_consent=&us_ps=
Request Chain 902
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C2tLswXKWZaP0NteijvQPk4OYyAPt8s2SdbrlrZqYEoKah5-iDhABINjV2CtgyYaAgNyjxBCgAYvliMUDyAEJ4AIAqAMByANIqgSVAk_QoBvCoiAG0D46zmdUgi1oKLulALE5ZTnVRT9Zm0mibiaBco2lbfzUobyA32M6ws-dfIR9Q4DNfAVDSfoClTXNYjL7PgbtSw1aX_JdqxYIVecAAosE2IN6hgLLIsLsmdHtJljzYb8O5SmxHXH1qfpWGcpPqv3IIF-PpdrnnivwBZz0F9sI35MjdqPRGUvEoh36uR3swQjl3nboept-MkEHO6ZDc_QCnxxJRUASOM-IAXKec4ZXkjDHRl45ZviNNjJg-jaSaOowRLjFS2XlqIAAJE9COfeuClpu9U-dsOLHfQAhZVGFL9pWw-PV5YG4_cgA5EQQr5SSsBZkjToEFeulwzxttFQ2UU9-bhlIn6c32oiD3T7ABPyoobzfAeAEAYgF8aeYtAOgBi6AB92a9zqoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDu1gvSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WP2Ku8Suw4MDmglPaHR0cHM6Ly93d3cubWlhbWlkYWRlLmdvdi9nbG9iYWwvbmV3cy1pdGVtLnBhZ2U_TWR1aWRfbmV3cz1uZXdzMTY5MjAxNjIwNjcxMTUzNIAKA8gLAdoMEQoLENDfis_L0baYggESAgED4g0TCIm3u8Suw4MDFVeRgwgdkwEGOdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi05NTE3MTg1MTA2MjgzNjgyGJjbEA&sigh=0t2PMduwuU0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_csWCtFvJGysG806yL-S9QRLJT9FvzTxHZtD4_noQSKZbyawJjPB_ON6RXpi2aD7FcmQWNqhZ7hgB&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4eb282a4bea46a430000000000000000%22,%222%22:%220x8188763280b65c0d0000000000000000%22,%223%22:%220x57a71576560c42330000000000000000%22,%224%22:%220x47465ee25d7fbc5a0000000000000000%22,%225%22:%220x7d798568ccb896ee0000000000000000%22},%22debug_key%22:%2217993444074382109726%22,%22debug_reporting%22:true,%22destination%22:%22https://miamidade.gov%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22950153867%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223137216531657655297%22}&andc=true
Request Chain 904
  • https://match.sharethrough.com/universal/v1?supply_id=TAEWcTBw&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=sharthrough&userId=d47d5a5d-7b3c-413f-a3f9-885860ad57ae&gdpr=0
Request Chain 918
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_rJI1P-1EtDlsEXR-7Vc0fvmFIfltBDX_7OrefnZ
Request Chain 919
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
Request Chain 920
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=1797288129605757534
Request Chain 921
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=42D3FF6D47FB4FDCBA093AD588E3B0A1
Request Chain 922
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=c998f5d9-a84d-420f-9832-7db2890105df HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7995778992001487599 HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205 HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Request Chain 925
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZZywtRGY3i0IrndgkdX3AAAC4EAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_cver=1
Request Chain 926
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZZywtRGY3i0IrndgkdX3AAA%262945&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7995778992001487599 HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205 HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Request Chain 927
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZZywtRGY3i0IrndgkdX3AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENc_j_sxLOMK0rpztnp_Pd0&google_cver=1
Request Chain 928
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZZZywtRGY3i0IrndgkdX3AAAC4EAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=ba29f0725862814f34312b35923b1c62&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZZZywm0kJuFq_2paTsMZ7QAABncAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo0447_7320177744485245177&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAK7pU7LLOYAABZ7UayRiw&dataProviderId=817&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YmEyOWYwNzI1ODYyODE0ZjM0MzEyYjM1OTIzYjFjNjI=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEH56MCNCa070E3wYV5QnPX4&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=636979850693708765&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=1wbExGEw1RljwK5&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=2211133&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f HTTP 302
  • https://jelly.mdhv.io/v4/pixie
Request Chain 929
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3011296250024499263&gdpr=0&gdpr_consent=
Request Chain 930
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZZZywtRGY3i0IrndgkdX3AAA%262945&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=ba29f0725862814f34312b35923b1c62&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZZZywm0kJuFq_2paTsMZ7QAABncAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo103e_7320177744485245712&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/ba29f0725862814f34312b35923b1c62?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-f.OrGddE2oNRQmYEkbqT9JSKgR52AtteqDSocteY~A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YmEyOWYwNzI1ODYyODE0ZjM0MzEyYjM1OTIzYjFjNjI=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEH56MCNCa070E3wYV5QnPX4&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=1wbExGEw1RljwK5&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=636979850693708765&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=5368859&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f HTTP 302
  • https://jelly.mdhv.io/v4/pixie
Request Chain 931
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a56ca7b2-d8e8-f36d-7d9ad8fb
Request Chain 944
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&us_privacy=1---&khaos=LQYZ3LUL-20-86GL HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQYZ3LUL-20-86GL&name=RUBICON&gdpr=0&us_privacy=1---
Request Chain 949
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=LQYZ3LUL-20-86GL HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQYZ3LUL-20-86GL
Request Chain 952
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=636979850693708765&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:92b45752-a9f8-48a4-874d-9f7db9761957&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 953
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_3bdf3d294de14b9bb7d1b HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bf81f3a5-f308-4ccc-bc01-d5b8d2b8e578&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 954
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mryJl5u705OBvoSSn7udkp_o1cSButGUm720zBaN HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0eca7b9d-fd2a-4810-ac57-b53b076f13ae&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 955
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZZyxAAL_FwkngBd
Request Chain 956
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=2b065bb2-aadf-11ee-b1df-8535da4c58cd
Request Chain 957
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1wbExGEw1RljwK5&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0791ffe3-7eb5-4ba0-9860-1f07d8a26f6e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 958
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1797288129605757534 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fd51355a-5916-4f8e-bf36-76f554706a85&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 959
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=321b53aa-f48e-3bd6-8449-e16f9fb03b76&ssp=pubmatic&bsw_param=97c6f5a2-cd54-4303-8f86-b973f7a4e46c HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 960
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3cf3fa42-c766-4657-b648-86be7ec01220&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 961
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=872560550568 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:94516e38-8654-47c7-a560-3cfb214869ea&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 964
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU88a2c345cef749f9ad89dcd7e5d07206 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
Request Chain 966
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:71a86596-72c5-4400-ab6f-fc9691e649ff&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 967
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=f52c0c08-cd50-4a1a-8fa3-bccb9d69912a&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Request Chain 968
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 969
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:42D3FF6D47FB4FDCBA093AD588E3B0A1&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5b53df11-b2c9-4972-ba28-9feaffe7e2c1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 970
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=5205487822 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/1508/fe546596-72c5-4900-80f4-27d38df54edb?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-d414429b-91ca-4e66-977e-78ebb86b19bc-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005
Request Chain 971
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7576449971279027690&uid=Q7576449971279027690&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7576449971279027690 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 972
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KO08cinvDfibA54Bw3KWZQ HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 973
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=75VtjvQJUThyUo15rWbu4SaEdkQ&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4a0be4f2-be4c-48c4-96e7-f43d2f18efa8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 975
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&vxii_pid=12&vxii_pid1=10067&vxii_rcid=76c7bfb4-7976-487e-9535-c54ab5b54a28
Request Chain 979
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
Request Chain 980
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3718888275283899047 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
Request Chain 984
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288129605757534&referrer=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&forward= HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26pid%3D500040%26it%3D1%26iv%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26_%3D1704358597.133636&cb=1704358597.1336691 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288129605757534&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26pid%3D500040%26it%3D1%26iv%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26_%3D1704358597.133636 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&pid=500040&it=1&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&_=1704358597.133636 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704358597.133636&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
Request Chain 985
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTc5NzI4ODEyOTYwNTc1NzUzNA==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHNQU7fl0X5HC_M8rpf7UaM&google_cver=1 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288129605757534&referrer={encSite}&forward= HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26pid%3D500040%26it%3D1%26iv%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26_%3D1704358597.4332464&cb=1704358597.4332805 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288129605757534&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26pid%3D500040%26it%3D1%26iv%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26_%3D1704358597.4332464 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&pid=500040&it=1&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&_=1704358597.4332464 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704358597.4332464&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
Request Chain 988
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=1797288129605757534&r= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
Request Chain 990
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=1797288129605757534&bid=omt9pi0 HTTP 302
  • https://ps.eyeota.net/match/bounce/?uid=1797288129605757534&bid=omt9pi0
Request Chain 1000
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZZyxAAL_FwkngBd
Request Chain 1002
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288129605757534&referrer=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26pid%3D500040%26it%3D1%26iv%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26_%3D1704358597.133927&cb=1704358597.1339664 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288129605757534&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26pid%3D500040%26it%3D1%26iv%3De90e1cc7-04d2-44ee-be9b-7d7cda730143%253A1704358595.7628064%26_%3D1704358597.133927 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&pid=500040&it=1&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&_=1704358597.133927 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704358597.133927&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
Request Chain 1004
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&us_privacy=1---&khaos=LQYZ3LUL-20-86GL HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQYZ3LUL-20-86GL
Request Chain 1005
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dgrid%26userId%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---?gdpr=0&gdpr_consent=&us_privacy=1---&uid=${BSW_UUID}&cookie_age=${COOKIE_AGE} HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=grid&userId=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 1009
  • https://idsync.rlcdn.com/712188.gif?partner_uid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent= HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEY7xoe_bg4vqq5RXuXtzcU&google_cver=1
Request Chain 1012
  • https://ad.turn.com/r/cs?pid=54 HTTP 302
  • https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=7995778992001487599&partnerDomain=turn.com&idType=cookie
Request Chain 1016
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=vidazoo&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Request Chain 1017
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vf0jdc4&ttd_tpi=1 HTTP 302
  • https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&partnerDomain=adsrvr.org&idType=cookie
Request Chain 1021
  • https://u.openx.net/w/1.0/cm?cc=1&id=4241c706-9fd2-4ae4-b2d7-c9f8d34e773c&ph=f4cc9fb1-057b-4e7a-b393-325ee9109574&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dopenx%26userId%3D%7BOPENX_ID%7D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=openx&userId=3ba15838-10cc-43c8-a5be-c3b0b230705b&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 1023
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=vidazoo&us_privacy=1---&khaos=LQYZ3LUL-20-86GL HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LQYZ3LUL-20-86GL&us_privacy=1---
Request Chain 1024
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159988&gdpr=0&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dpubmatics2s%26userId%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=pubmatics2s&userId=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 1027
  • https://sync.1rx.io/usersync2/rmpssp?sub=vidazoo&us_privacy=1---&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005?redir=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dunruly%26userId%3DRX-d414429b-91ca-4e66-977e-78ebb86b19bc-005%26us_privacy%3D1--- HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=unruly&userId=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&us_privacy=1---
Request Chain 1034
  • https://ups.analytics.yahoo.com/ups/58576/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=yahoo&userId=y-JP.Vh.lE2uGvl0.zsOpjSoqbNwgMv_V7rU6qGgA-~A&gdpr=0

1015 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
duperb-shop.ngontinh24.com/
Redirect Chain
  • https://duperb.shop/
  • https://duperb-shop.ngontinh24.com/
41 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:28fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3976d368f30ab0068d5f5d9e6d5959bf62c3fed2023016ba033c7243ef2a4376

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
immutable, max-age=31536000, public
cf-cache-status
HIT
cf-ray
840244c4c9ee5c6a-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:30 GMT
last-modified
Wed, 03 Jan 2024 13:05:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqIh4gEG72VYR%2Ft0H%2FY5uhjVdysglNT1nA5QfpXO%2F%2BMTYfaFbWK%2FRlMTfvZ9Sq5c4SNUlE8zRtZDKTCEFjNC9EJCJjss0FqiA%2BFSi9GLhbf61yQrg4ipyz0Gk51PKgoM1US70ngGt61Z%2Fr3C%2BG%2BCuez9XLjmN628fg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
840244c15b002886-MIA
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:30 GMT
location
https://duperb-shop.ngontinh24.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCxiiVUoFmAgKX%2FW4YVntTtIKgIzxJmKu1ITLUqkVmg9E%2FxAJ8wNwxeaLGmCyBvNnYvZaGoy%2FPJ5jAysmk3OORiyTKXbReqhxPcmHPF1CGtN8m4e0obBX7rNxm5pqOcQAPit%2Bq4lindIFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
newsike.css
duperb-shop.ngontinh24.com/css/ 		50 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://duperb-shop.ngontinh24.com/css/newsike.css?id=a528c8aecbbd8bdf1ddc
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:28fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
471a25e5e3848ec494a1cf317afc20bb182465e3a2fea192fc4bf4b6867ad545

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:30 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 04 Jan 2024 06:41:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kO9gWeVzI2MZl5Zv%2FmHlxUD%2B%2BaFK%2BVvikbCHWcc2LsVpTQTSWeInzfjEIzFIlEpukBripzoVWUCIVnY3Wk1BVn9nhmuFnFC4NdCmroG4EBf2yFfNszzwhH35J2GT%2BGGXT%2BnuMe%2BxfJfPL7PzhsAU1nnbGsqVrYk8vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
840244c5ca6d5c6a-MIA
alt-svc
h3=":443"; ma=86400
newsike.js
duperb-shop.ngontinh24.com/js/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://duperb-shop.ngontinh24.com/js/newsike.js?id=2e2993cb3d75bb3492b1
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:28fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af284fa768787fbb6b7efb8b20e162fc80630596797d1f32bc7cdc34bfcc564e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:30 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 04 Jan 2024 06:41:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYHSaPB7zz37j8799dS7gc9eB%2BsJiNA%2BmYi0shm3ZCE3vxab4adXwTDXHFmOCor%2F2OqvtNoUZBRXftsa6%2FKvwEEXu1PlsmscuTl632yYC6KhhPv7%2Bi0t6YrxlIfaoE6O6ivEoWLLDMDbu5YYrqLnOu30mMY4zs%2B7Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
840244c5ca6f5c6a-MIA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-54725HQVMF
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
03e48a89da149909ec44ade6ee4c54b55f9c26a6e1171ff4821afce02d0a85d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92826
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 08:56:30 GMT
d82422-8575-448e-84fe-fa092518ca2d.js
monu.delivery/site/f/d/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/site/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:3c00:1::2d4f:f28f Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
acd8877a2c7e075274843b0869720efad308b92734c980465c0ce4d10f75dd75

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:30 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPq5jC4jeHA4hvwYMsn9Kv6ufYammqrNixtfJ7zYVlRa3EuQhN_DRGLcDt-hhvQFvyZhneYcHh7Nnw
transfer-encoding
chunked
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1704347112944297
content-type
application/javascript
x-goog-hash
crc32c=Vljzow==, md5=EvO0Qo0E7qjbNV0izIfWHQ==
cache-control
max-age=7200
x-goog-stored-content-length
66328
expires
Thu, 04 Jan 2024 10:56:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7109864259348938
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a541beb48d5c34d2ca5b15f2d4ec2b54bda4353146dad404e8f2589b7eacf27b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Origin
https://duperb-shop.ngontinh24.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51299
x-xss-protection
0
server
cafe
etag
15060310373950912562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:30 GMT
pub-7109864259348938
fundingchoicesmessages.google.com/i/ 		182 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-7109864259348938?ers=1
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a2fecb04bfaac85b3fdc4937d2acb052817756f86f026dcc22ffda18a5b30265
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_8R7udHw9BxHi4lPU0PQPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-_8R7udHw9BxHi4lPU0PQPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
empty.svg
duperb-shop.ngontinh24.com/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duperb-shop.ngontinh24.com/img/empty.svg?id=f7978df1cc36ddec0a26
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:28fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3344610ca08644091d8ca981acc5c728753dc1e0246777e0eaeb8723f916c7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:30 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 04 Jan 2024 06:41:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIgISnX9bDYpUYnA0SYCo5d6DmKEQsPtYptJ0Jh9b9o%2FjUBYcfN7hMFtmvFIW2at618aKejFySDtIvXCejbFxM1BXTU4KoDpqN1XAQmP27Xu3ArJQniKXERcZVM1gsaxZkZDZr3AsKzdUV%2Fag16DKWa1A3SfbFtcjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
840244c8286e67ec-MIA
alt-svc
h3=":443"; ma=86400
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:3c00:1::2d4f:f28f Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:30 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPr5HDrshL3bM8iEBA_3UvMvIofXGyOG0S7QASkgaMbEjDKoilX74aF62iPVuzm2n8LF4V-MM9EJ7w
transfer-encoding
chunked
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
connection
close
last-modified
Tue, 25 Aug 2020 07:36:03 GMT
server
nginx
vary
Accept-Encoding
x-goog-generation
1598340963244234
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control
max-age=31104000, public
x-goog-stored-content-length
4733
expires
Sun, 29 Dec 2024 08:56:30 GMT
pub-7109864259348938
fundingchoicesmessages.google.com/b/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/b/pub-7109864259348938
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d864e456e7482c5bad10a8c1c0b1e1e5a91e04f7041d99d66024f5a672af928f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YKlI7ErgrZuOF7n7WliTXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-YKlI7ErgrZuOF7n7WliTXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/js/newsike.js?id=2e2993cb3d75bb3492b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7335f04f77a86ec84acf13daa09f22c1f6be0beec90bbe3201e69c47e94f73b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51483
x-xss-protection
0
server
cafe
etag
14972609843586792098
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:30 GMT
d82422-8575-448e-84fe-fa092518ca2d.js
monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/ 		587 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:3c00:1::2d4f:f28f Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
bab1c005a7fe6444f56cd587a85b5cdbb0f78a89ef2218027075f4bc2419b09d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:30 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPqhncVvEPU6dDwHQXrsVqMFifVHiFev0U8KsUJgMhvwhlHMPyTXNM0CG4JMNrYecwrFTVk
transfer-encoding
chunked
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1704347115601431
content-type
application/javascript
x-goog-hash
crc32c=e2adPw==, md5=d5AcD17DtVnggl1+O4sC7g==
cache-control
max-age=7200
x-goog-stored-content-length
600960
expires
Thu, 04 Jan 2024 10:56:30 GMT
/
duperb-shop.ngontinh24.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://duperb-shop.ngontinh24.com/?advsystem=
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/js/newsike.js?id=2e2993cb3d75bb3492b1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:28fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 04 Jan 2024 08:56:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKH%2BCxpGoDWFEhAautPdVE4qEQtuZTCxbGXGxgcXqPqp6eEHVZXsAYiTEwkWetMvH4UW5GrXMuux84Ro6FE5n80vT4iX3YQZsO0Ndld48rKtTkgq1FS3KG4yjhHIoOl%2FVMsV0H9hMvZsc1ETCsa4XEhXtE9s28wB1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
immutable, max-age=31536000, public
cf-ray
840244c888b467ec-MIA
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/g/ 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-54725HQVMF&gtm=45je3bt0v9120859566&_p=1704358590561&gcd=11l1l1l1l1&dma=0&cid=2035237425.1704358591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704358590&sct=1&seg=0&dl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&dt=Duperb%20-%20An%20Experienced%2C%20Professional%2C%20Authoritative%20And%20Trustworthy%20Website&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1366
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-54725HQVMF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxVBr7T-i2PzTKHlzrtrnnlK37Y9xUQ5vL_yjIgZVoAZGbkRdfjo6u93_0OWE-7YUkEG_uuI_W__XTcTp7PVqBDgjQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVBr7T-i2PzTKHlzrtrnnlK37Y9xUQ5vL_yjIgZVoAZGbkRdfjo6u93_0OWE-7YUkEG_uuI_W__XTcTp7PVqBDgjQ==
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SMb7ZbBLNgjWJO1DCCZdgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SMb7ZbBLNgjWJO1DCCZdgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 3C2F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:3c00:1::2d4f:f28f Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
age
565
cache-control
max-age=31104000 public
connection
close
content-encoding
gzip
content-type
text/html
date
Thu, 04 Jan 2024 08:56:31 GMT
expires
Sun, 29 Dec 2024 08:56:31 GMT
last-modified
Tue, 25 Aug 2020 07:36:09 GMT
server
nginx
transfer-encoding
chunked
vary
Accept-Encoding
x-cache
HIT
x-goog-generation
1598340969597109
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-guploader-uploadid
ABPtcPrODIOSbO_6nqQ7eIWhCDzxmASaPc874aSWSOa7pDGweLdZnPf8IxsYkhRz6c4l01bJeA
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7109864259348938
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11a4a19a89395a493626ae5fd7e00a03ea2e930041fd9acb7af23ccb22a0d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137925
x-xss-protection
0
server
cafe
etag
1850400483679383551
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:31 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/ Frame 5E2F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7109864259348938
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
64759
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 14:57:12 GMT
etag
9219409622527106327
expires
Wed, 17 Jan 2024 14:57:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXYH-ISL_XmQnZTz8G14CFzg7K_LfidEU7Be7HSnHZ2tmCdrh144wJGdy4WAD-0ofbZ3S1zml9ZZvrmY7Kt8oN0-KdI3HmMF9YZq5IN-REQHZEeVjgT7wFaqQDn1eWfIWHeZlpj7A==
fundingchoicesmessages.google.com/f/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXYH-ISL_XmQnZTz8G14CFzg7K_LfidEU7Be7HSnHZ2tmCdrh144wJGdy4WAD-0ofbZ3S1zml9ZZvrmY7Kt8oN0-KdI3HmMF9YZq5IN-REQHZEeVjgT7wFaqQDn1eWfIWHeZlpj7A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MzU4NTkxLDUxMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2R1cGVyYi1zaG9wLm5nb250aW5oMjQuY29tLyIsbnVsbCxbWzgsImZYd2RTOE5pSVpvIl0sWzksImVuLVVTIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/am=wA/d=1/rs=AJlcJMyiHPCAyLFmNsmEoAFl7FGwL5Wu8Q/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2308f3873334bf16b0cd7f0a71f66dedb1d5acb3dcd89a3fc0ddc8cb1b84646c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SgcWI7dPrrRdFipbQnAP1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SgcWI7dPrrRdFipbQnAP1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
mmt.gif
imps.monu.delivery/ 		37 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=65f682b4-6cfa-41b5-b4ca-fb3e89f95822&a=p.d.l&u=IN44NM&d=%7B%22c%22%3A%22US%22%2C%22r%22%3A%22%22%2C%22p%22%3A%22%2F%22%7D
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:32:34 GMT
age
2021037
x-guploader-uploadid
ABPtcPpPQr6TC3YJPE3lhVNSlNoZkpl04DlZDfW38OW6us3GJBT_JtXeI7GwBsTqareylkzVeOO3AIDIw8-gA2a2snXi0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:32:34 GMT
monumetric
monumetric.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://duperb-shop.ngontinh24.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-max-age
86400
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx
monumetric
monumetric.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://duperb-shop.ngontinh24.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-max-age
86400
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx
config.js
cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 		389 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b3cde3e30b04a5ec317e9403523d3d54f27145e1ca40522266af2feb635208

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Jan 2024 08:46:14 GMT
server
cloudflare
x-amz-request-id
6EYDHHFGNXSRT5WZ
age
115
etag
W/"737bef9940da18fefd2d87f0942119b6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
840244cbc9f5dae5-MIA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
T1YIUMWnCyBezFyUbPo0iBbzBOZBEymnX3Th7KP+ApGT67I1JYFMFujk4oKSpsc3nY2wb9njkmw=
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef94a1e8648a636e80620b089bb5797a7e23d76ae0e3eef12be5a8b53183d50a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29448
x-xss-protection
0
server
cafe
etag
197 / 19726 / 31080177 / config-hash: 10365728498389725555
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:31 GMT
76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
config.aps.amazon-adsystem.com/configs/ 		564 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-94.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
e8fa4e619d14da71ec371369a874cd180069a4a90acc17f32c2849798629e0e2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:01:24 GMT
via
1.1 33c5e667811ab5c0b32f883d38ab0a84.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
3307
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
nrm97_6RMswy6qSDt0vKGXFSq9r2c_-ddblXq7cqEnul9C6gFA2nHg==
publisher.js
client.aps.amazon-adsystem.com/ 		261 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.aps.amazon-adsystem.com/publisher.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-43.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b70d5f158ad9fb8db0a1c335114075558d819212c80ce6d0aca87c348afb174

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:45:54 GMT
content-encoding
br
via
1.1 82411d437ee2d2355a407b78473e6156.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:12 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
638
x-amz-server-side-encryption
AES256
etag
W/"43cf1e7a2beb2adb8dd9e6250dd28a33"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
cEUc3lrovmV4NAglMdHTB5AjxZZ5MVTXqB6g7CKTTeDu1wBK6OHDFA==
pbjs
api.id5-sync.com/analytics/1013/ 		70 B
303 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.id5-sync.com/analytics/1013/pbjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
ba8451f39b0887dfff955335e5bf9007d350bf5c2d9f5ef697e07275ecbc331a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 04 Jan 2024 08:56:31 GMT
cache-control
max-age=300, public
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
translator
hbopenbid.pubmatic.com/ 		0
124 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb-mm-multi
hb.minutemedia-prebid.com/ 		83 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.213.2.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-2-212.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
eb79d2411877f0a737c35fd4282fea3560ae543d5c1f70bfcda05523858fca3c

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
83
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/ 		0
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.182.176.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:31 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
589 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
an-x-request-uuid
d82ffe93-c277-44df-96f5-28e3c0419498
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-4258afea-960f-419a-9cd3-d9b394374220_1_1_ad%22%2C%22callback_id%22%3A%2210d91fa4fea9db%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223076949134012260636%22%2C%22gpid%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDA.B%23anchor-2%22%2C%22tid%22%3A%2299a5de45-db8f-49cb-9a85-eecee0a27336%22%2C%22auctionId%22%3A%22580a8c99-5448-470f-870e-680034561f9b%22%7D%5D&page_url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&bust=1704358591275&dnt=false&description=Duperb%20is%20a%20website%20that%20writes%20about%20many%20topics%20of%20interest%20to%20you%2C%20it%27s%20a%20blog%20that%20shares%20knowledge%20and%20insights%20useful%20to%20everyone%20in%20many%20fields.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=Duperb%20-%20An%20Experienced%2C%20Professional%2C%20Authoritative%20And%20Trustworthy%20Website&w=1600&h=1200&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
prebid.media.net/rtb/ 		353 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
b62a61b4c5dee465f441e43bd3d450ad89a41c88117bc951e7d0bbad8cac036f

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:30 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 08:56:31 GMT
bid
s.seedtag.com/c/hb/ 		87 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
db08bebfa2e92b78c4c9ea0d375a66e9d2adb4208d50c3f5fbf22a467dde57b8

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
trinity.json
apex.go.sonobi.com/ 		95 B
905 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2216f2496c47de24b%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDA.B%23anchor-2%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&s=e654e1cc-f348-46c4-9095-ebf8795c1d34&pv=66c2712f-b06b-465c-b06d-64fa524c60a8&vp=desktop&lib_name=prebid&lib_v=8.12.0&us=5&iqid=%7B%22pcid%22%3A%22f10d0cab-1d7e-431b-8707-9fa24e83dcb1%22%2C%22pcidDate%22%3A1704358591279%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22580a8c99-5448-470f-870e-680034561f9b%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22duperb-shop.ngontinh24.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ngontinh24.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fduperb-shop.ngontinh24.com%2F%22%2C%22cat%22%3A%5B%22239%22%2C%22264%22%2C%22266%22%5D%2C%22cattax%22%3A6%2C%22id%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22ip%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22city%22%3A%22%22%2C%22region%22%3A%22%22%2C%22country%22%3A%22US%22%2C%22lat%22%3A37.751%2C%22lon%22%3A-97.822%2C%22type%22%3A2%2C%22accuracy%22%3A1000%2C%22ipservice%22%3A3%2C%22metro%22%3A%22%22%2C%22zip%22%3A%22%22%2C%22tz%22%3A%22America%2FChicago%22%2C%22utcoffset%22%3A300%7D%2C%22devicetype%22%3A2%2C%22js%22%3A1%2C%22langb%22%3A%22en-US%22%2C%22ipv6%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
6d5bdc3c71c3da7491bdc9b2a0f9d3bcbbe931e4eecfa649ae9a0572723295e4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-57
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
120
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704358591280&to=600&aun=mmt-4258afea-960f-419a-9cd3-d9b394374220_1_1_ad&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDA.B%23anchor-2&t=f1wmpn59&pi=2&uspConsent=1---&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=null&ns=9318
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ca3b0a5f339c767e1fb4933525c018a77f5325895caeed43215c58bfd7bcb5b3

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
c
prebid.a-mo.net/a/ 		1 KB
919 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ec23865fe5502452ad1cb737ce49962eb01660bcd857706293086b2777316488

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:30 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
149
content-length
498
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
707 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageReferrer=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&CanonicalUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
66af34f2dcc870deed709e424e960b6ce9a6b0a6d00d715b8eca10107d91b929
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
105
content-length
180
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		487 B
845 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!monumetric.com,fdd82422-8575-448e-84fe-fa092518ca2d,1,,,&eid_pubcid.org=dfc8442c-6e2c-44a4-9893-8b4d0810a14e%5E1&rf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.domain=duperb-shop.ngontinh24.com&tg_i.page=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.cat=239%2C264%2C266&tg_i.cattax=6&tg_i.id=fdd82422-8575-448e-84fe-fa092518ca2d&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDA.B%23anchor-2&tk_flint=pbjs_lite_v8.12.0&x_source.tid=580a8c99-5448-470f-870e-680034561f9b&l_pb_bid_id=24b31d201e1e565&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=99a5de45-db8f-49cb-9a85-eecee0a27336&rp_maxbids=1&p_gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDA.B%23anchor-2&slots=1&rand=0.5058767993902811
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0eb55b29dbfaa86b994440975562f56dc110485f19c83abed70979afca9fc88d

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
487
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
2582ccb0d2477253eeb87e377b2c3a47e8a19cbe5aeac9b4779cb632b82ed9b0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
monumetric
monumetric.technoratimedia.com/openrtb/bids/ 		0
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
524914459
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
v2
e.serverbid.com/api/ 		16 B
398 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
prebid
ib.adnxs.com/ut/v3/ 		19 B
588 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
an-x-request-uuid
97597d19-4fe9-422f-b23b-0a425f78d5f1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/ 		0
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.182.176.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:31 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
monumetric
monumetric.technoratimedia.com/openrtb/bids/ 		0
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
521661789
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		1 KB
898 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
7c013381d3b7c64f519ff1e99782da820f8de886743314d17ca42b50bd0b3203

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
139
content-length
500
prebid
ads.yieldmo.com/exchange/ 		0
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-26c15b8e-8080-4986-924e-050c0f0222d6_1_1_ad%22%2C%22callback_id%22%3A%22401668a06b1fbe6%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%223076949134012260636%22%2C%22gpid%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDR.D%23pillar-4%22%2C%22tid%22%3A%228c41b3cd-3355-42c9-b2c6-3184f9639623%22%2C%22auctionId%22%3A%22185194de-9cf6-4de0-a094-a07c4168cb3b%22%7D%5D&page_url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&bust=1704358591297&dnt=false&description=Duperb%20is%20a%20website%20that%20writes%20about%20many%20topics%20of%20interest%20to%20you%2C%20it%27s%20a%20blog%20that%20shares%20knowledge%20and%20insights%20useful%20to%20everyone%20in%20many%20fields.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=Duperb%20-%20An%20Experienced%2C%20Professional%2C%20Authoritative%20And%20Trustworthy%20Website&w=1600&h=1200&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704358591298&to=600&aun=mmt-26c15b8e-8080-4986-924e-050c0f0222d6_1_1_ad&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDR.D%23pillar-4&maxw=300&maxh=600&si=490025&pi=3&bf=300x250%2C160x600%2C300x600&uspConsent=1---&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=null&ns=9318
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2c28a74670ec53920ad11adf60aa4e22f1b88ca2f3aa517fa1dcc02f3320531d

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704358591298&to=600&aun=mmt-26c15b8e-8080-4986-924e-050c0f0222d6_1_1_ad&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDR.D%23pillar-4&maxw=300&maxh=600&si=490027&pi=3&bf=300x250%2C160x600%2C300x600&uspConsent=1---&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=null&ns=9318
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fd39fbe147103b496fedc710248107facf6beaab15b4992d90ad7046f4b3b8ef

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704358591298&to=600&aun=mmt-26c15b8e-8080-4986-924e-050c0f0222d6_1_1_ad&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDR.D%23pillar-4&maxw=300&maxh=600&si=490028&pi=3&bf=300x250%2C160x600%2C300x600&uspConsent=1---&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=null&ns=9318
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0477f0d51900c7b61949afaa404351f1c0ca40fcd9ec0e64a7b9d7a3d65da8f7

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		536 B
797 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageReferrer=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&CanonicalUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2297a14402d4b345dd6f4eca9bba6df6a932bc2f2b1f4e9fcd03b7df80beee33
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
via
kong/2.8.3
x-content-type-options
nosniff
content-encoding
gzip
x-kong-proxy-latency
104
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
92
pragma
no-cache
access-control-max-age
3600
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://duperb-shop.ngontinh24.com
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
trinity.json
apex.go.sonobi.com/ 		807 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2250e5b076bc86c93%22%3A%22dcc4cd9596e80d497120%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDR.D%23pillar-4%2Cc%3Dd%2C%22%2C%2251e0bcbd4405ab2%22%3A%22177369c437c672237248%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDR.D%23pillar-4%2Cc%3Dd%2C%22%2C%22522f0e7e54056e2%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDR.D%23pillar-4%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&s=6a6cfee9-b914-4069-84ab-8dfcbb101d8c&pv=66c2712f-b06b-465c-b06d-64fa524c60a8&vp=desktop&lib_name=prebid&lib_v=8.12.0&us=5&iqid=%7B%22pcid%22%3A%22f10d0cab-1d7e-431b-8707-9fa24e83dcb1%22%2C%22pcidDate%22%3A1704358591279%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22185194de-9cf6-4de0-a094-a07c4168cb3b%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22duperb-shop.ngontinh24.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ngontinh24.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fduperb-shop.ngontinh24.com%2F%22%2C%22cat%22%3A%5B%22239%22%2C%22264%22%2C%22266%22%5D%2C%22cattax%22%3A6%2C%22id%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22ip%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22city%22%3A%22%22%2C%22region%22%3A%22%22%2C%22country%22%3A%22US%22%2C%22lat%22%3A37.751%2C%22lon%22%3A-97.822%2C%22type%22%3A2%2C%22accuracy%22%3A1000%2C%22ipservice%22%3A3%2C%22metro%22%3A%22%22%2C%22zip%22%3A%22%22%2C%22tz%22%3A%22America%2FChicago%22%2C%22utcoffset%22%3A300%7D%2C%22devicetype%22%3A2%2C%22js%22%3A1%2C%22langb%22%3A%22en-US%22%2C%22ipv6%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
f057702539786feb3aa792d4abf118e276fd996a55391e256bb52200bc30cfe6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-63
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
474
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.213.2.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-2-212.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
f1b8f0261622e80a0d74843ca51d20522e1ce91c704006912417f63950dbed45

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
prebid
prebid.media.net/rtb/ 		353 B
319 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
af2dc14f6a8c06b4395e37d88b5872ded1b4e234762e98c680dd1bffda8bc2ea

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:30 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 08:56:31 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		510 B
866 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=15&alt_size_ids=9%2C10&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!monumetric.com,fdd82422-8575-448e-84fe-fa092518ca2d,1,,,&eid_pubcid.org=dfc8442c-6e2c-44a4-9893-8b4d0810a14e%5E1&rf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.domain=duperb-shop.ngontinh24.com&tg_i.page=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.cat=239%2C264%2C266&tg_i.cattax=6&tg_i.id=fdd82422-8575-448e-84fe-fa092518ca2d&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDR.D%23pillar-4&tk_flint=pbjs_lite_v8.12.0&x_source.tid=185194de-9cf6-4de0-a094-a07c4168cb3b&l_pb_bid_id=60cd1038ecdd5e2&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=8c41b3cd-3355-42c9-b2c6-3184f9639623&rp_maxbids=1&p_gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDR.D%23pillar-4&slots=1&rand=0.5112784663753738
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5ad232a3e0145aa89d237bfb6f6bc9d0566cd16949c759ee255411395506c1d7

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
510
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
68 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/ 		53 B
348 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
8c8b53a37be5a6bbe543b729ef241b2e46d79647e80c94862e5e554ad8c30ae6

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
v2
e.serverbid.com/api/ 		16 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
services.js
js.gumgum.com/ 		111 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gumgum.com/services.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-72.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0b11a96f3dcfaafe9a9b5eecc2b4630f78cbe206434681d13df688aa377009

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
d9MhoYU00bk7oxFehgJHs_bjgU_LcIfC
content-encoding
gzip
via
1.1 56afed1ff867622bc96040c761f69a64.cloudfront.net (CloudFront)
date
Thu, 04 Jan 2024 08:56:32 GMT
x-amz-cf-pop
YUL62-C1
x-amz-meta-version
3.88.16
x-cache
RefreshHit from cloudfront
x-amz-meta-access-control-allow-origin
*
x-amz-meta-timing-allow-origin
*
server
AmazonS3
last-modified
Tue, 14 Nov 2023 15:48:31 GMT
etag
W/"43e0d0f549bb77b219b97b914cdb611d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
x-amz-cf-id
ZgzwYwZZpP6c0YB-AoRVi7ycJwn2TNY3FTobispTu8K9NC9sPImoEQ==
ads
googleads.g.doubleclick.net/pagead/ Frame EA09 		131 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&adk=1812271804&adf=3025194257&lmt=1704287131&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591002&bpp=3&bdt=655&idt=349&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7062184289034&frm=20&pv=2&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=369
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5647fc8869f30aa2a0bfe71f17540c22ff7fb10741c21805788db72919c1b25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43684
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:31 GMT
expires
Thu, 04 Jan 2024 08:56:31 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9624 		158 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=676577707&adf=3215562993&pi=t.ma~as.3925753591&w=1200&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=1200x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591005&bpp=2&bdt=658&idt=372&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f4165600f0f6915440a750f0b77d06e5e0dbc9d1f783ca44d3196b09ead2380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
47502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
Thu, 04 Jan 2024 08:56:32 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7A97 		103 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=1663128080&adf=2936580310&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591007&bpp=1&bdt=661&idt=380&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60d753cd8365cae13f9e8c52425472dd001729c40c720748fbd0e38f5b6c4f90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39203
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:31 GMT
expires
Thu, 04 Jan 2024 08:56:31 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 02:43:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
22398
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138203
x-xss-protection
0
server
cafe
etag
14959461090202361603
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 03 Jan 2025 02:43:13 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4D44 		103 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=1497754791&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=393&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99e3deb20ab2980931c3ee06955607927e629aea6525ec81e3aa7120e1188a5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
38883
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:31 GMT
expires
Thu, 04 Jan 2024 08:56:31 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F8ED 		67 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=78619928&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=404&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=407
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc56c5f0325b0af41713f4e306c9fedb86bfa8de012ebc67908267e37353f54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
17641
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:31 GMT
expires
Thu, 04 Jan 2024 08:56:31 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
6YY1NAZGMPDHS1VK
age
3117923
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
840244cc8a86dae5-MIA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
J77991lmUc40czOifUPeVmbHudT3k1PgN3u6uCxuzBz8NpqEqB/FqhIigAcgKzxViu6VXwaxg2A=
monumetric
monumetric.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://duperb-shop.ngontinh24.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-max-age
86400
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx
v1
btlr.sharethrough.com/universal/ 		0
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-158-174.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:31 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/ 		0
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.182.176.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:31 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		487 B
844 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&us_privacy=1---&rp_schain=1.0,1!monumetric.com,fdd82422-8575-448e-84fe-fa092518ca2d,1,,,&eid_pubcid.org=dfc8442c-6e2c-44a4-9893-8b4d0810a14e%5E1&rf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.domain=duperb-shop.ngontinh24.com&tg_i.page=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.cat=239%2C264%2C266&tg_i.cattax=6&tg_i.id=fdd82422-8575-448e-84fe-fa092518ca2d&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDH.A%23header-1&tk_flint=pbjs_lite_v8.12.0&x_source.tid=e736b74b-806f-4453-838f-acf49a3e8544&l_pb_bid_id=7504e0b5fec20d2&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=7043906e-5fb6-4532-b768-2fcce9eed209&rp_maxbids=1&p_gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDH.A%23header-1&slots=1&rand=0.0968180695886025
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
81f9ce611baaf055343be544edd2f7a45a59e052ee546f8ae9a1cbaf063afcaa

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
487
expires
Wed, 17 Sep 1975 21:32:10 GMT
imp
g2.gumgum.com/hbid/ 		1 KB
1011 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704358591465&to=600&aun=mmt-df664826-5c9a-46f1-947a-56f39263c30d_1_1_ad&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDH.A%23header-1&maxw=728&maxh=90&si=490032&pi=3&bf=728x90&uspConsent=1---&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=null&ns=9318
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ac2b5ae2de1284e817a3d1e4f56e81722138e56c8555a49b097b3af7b6c9f4a1

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
trinity.json
apex.go.sonobi.com/ 		765 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2279e19215dd2332e%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDH.A%23header-1%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&s=9c222dc0-920f-4a99-897a-971ea64e4e3d&pv=66c2712f-b06b-465c-b06d-64fa524c60a8&vp=desktop&lib_name=prebid&lib_v=8.12.0&us=5&iqid=%7B%22pcid%22%3A%22f10d0cab-1d7e-431b-8707-9fa24e83dcb1%22%2C%22pcidDate%22%3A1704358591279%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22e736b74b-806f-4453-838f-acf49a3e8544%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22duperb-shop.ngontinh24.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ngontinh24.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fduperb-shop.ngontinh24.com%2F%22%2C%22cat%22%3A%5B%22239%22%2C%22264%22%2C%22266%22%5D%2C%22cattax%22%3A6%2C%22id%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22ip%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22city%22%3A%22%22%2C%22region%22%3A%22%22%2C%22country%22%3A%22US%22%2C%22lat%22%3A37.751%2C%22lon%22%3A-97.822%2C%22type%22%3A2%2C%22accuracy%22%3A1000%2C%22ipservice%22%3A3%2C%22metro%22%3A%22%22%2C%22zip%22%3A%22%22%2C%22tz%22%3A%22America%2FChicago%22%2C%22utcoffset%22%3A300%7D%2C%22devicetype%22%3A2%2C%22js%22%3A1%2C%22langb%22%3A%22en-US%22%2C%22ipv6%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
2e438e4370b032e64fae998e8f3f4e029ef38c431ead41239533a97d6ce98f71
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-108
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
451
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
68 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
08656a98655a23535b66ce02c864fb76399ad2b23ac6bb83234e67f38bde8d3c

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ 		19 B
587 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
an-x-request-uuid
9d7aeecd-dc0f-4cea-a2c1-15ec8c626b34
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
monumetric
monumetric.technoratimedia.com/openrtb/bids/ 		11 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
d5efaff99b7817b6279d67c0fc5908c63c7287225aac977f8ee495aab1f384df

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 varnish
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
x-varnish
522344154
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3456
v2
e.serverbid.com/api/ 		16 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
prebid
prebid.media.net/rtb/ 		353 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
801d5b4dda2f9ac63608c54c8249ec092977d7dd4ed4e9f27f091299bdae5966

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 08:56:31 GMT
c
prebid.a-mo.net/a/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
0350281031389f2263a01f936c051e6b0e31fe70ad34a0a3d6106675261518e4

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
content-length
497
prebid
ads.yieldmo.com/exchange/ 		0
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-df664826-5c9a-46f1-947a-56f39263c30d_1_1_ad%22%2C%22callback_id%22%3A%2295f91e60529b526%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223076949134012260636%22%2C%22gpid%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDH.A%23header-1%22%2C%22tid%22%3A%227043906e-5fb6-4532-b768-2fcce9eed209%22%2C%22auctionId%22%3A%22e736b74b-806f-4453-838f-acf49a3e8544%22%7D%5D&page_url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&bust=1704358591475&dnt=false&description=Duperb%20is%20a%20website%20that%20writes%20about%20many%20topics%20of%20interest%20to%20you%2C%20it%27s%20a%20blog%20that%20shares%20knowledge%20and%20insights%20useful%20to%20everyone%20in%20many%20fields.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=Duperb%20-%20An%20Experienced%2C%20Professional%2C%20Authoritative%20And%20Trustworthy%20Website&w=1600&h=1200&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
707 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageReferrer=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&CanonicalUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
1a7340a74c03f181d076b9e58f025a7ef5bba39f3e2ce200ce7213e132ee9995
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
81
content-length
180
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.213.2.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-2-212.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
3be79451d50fe0e6ba96ff7c37e7379a910c8cd40d3608efb16cc40c5383e53e

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
monumetric
monumetric.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://duperb-shop.ngontinh24.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-max-age
86400
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx
imp
g2.gumgum.com/hbid/ 		1 KB
1012 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704358591478&to=600&aun=mmt-c4152799-e894-4662-a2a4-a42d312d81f7_1_1_ad&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.A%23sidebar-1&maxw=300&maxh=250&si=490027&pi=3&bf=300x250&uspConsent=1---&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=null&ns=9318
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d49704476198bf7410e85ee99b6e02a9246fdcfffe56b2a14a872fbbd1768be0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
589 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
an-x-request-uuid
5c1ddef8-38b5-4d98-a775-6b2d835f68ca
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		181 B
709 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageReferrer=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&CanonicalUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
852b79c54c1dac244a041ab9bba321b103f6803872445f29c3fb5c1f11e45e8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
103
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
42
content-length
181
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/ 		0
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.182.176.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:31 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebid
prebid.media.net/rtb/ 		353 B
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
32e7b34c52863358d06538e7afda895d51d28f673065d4bed9f3068901a7d75b

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 08:56:31 GMT
v2
e.serverbid.com/api/ 		16 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
fastlane.json
fastlane.rubiconproject.com/a/api/ 		489 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=15&us_privacy=1---&rp_schain=1.0,1!monumetric.com,fdd82422-8575-448e-84fe-fa092518ca2d,1,,,&eid_pubcid.org=dfc8442c-6e2c-44a4-9893-8b4d0810a14e%5E1&rf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.domain=duperb-shop.ngontinh24.com&tg_i.page=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.cat=239%2C264%2C266&tg_i.cattax=6&tg_i.id=fdd82422-8575-448e-84fe-fa092518ca2d&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.A%23sidebar-1&tk_flint=pbjs_lite_v8.12.0&x_source.tid=5197bbb2-0544-4398-962c-ca5f0d0aae95&l_pb_bid_id=113751c6cb8bc8bb&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3a6eae35-9eeb-410e-8d98-ec5ee8b8c8a0&rp_maxbids=1&p_gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.A%23sidebar-1&slots=1&rand=0.4637286285888893
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b71f95336dc567d835c55697b3c05d879a5319439e5f8ec89eaf534bd23c1bf8

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
489
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ 		766 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2211527c4261eec503%22%3A%22dcc4cd9596e80d497120%7C300x250%7Cgpid%3D%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.A%23sidebar-1%2Cc%3Dv%2C%22%7D&ref=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&s=0b845a96-5e20-4ce8-a421-5e23990063a9&pv=66c2712f-b06b-465c-b06d-64fa524c60a8&vp=desktop&lib_name=prebid&lib_v=8.12.0&us=5&iqid=%7B%22pcid%22%3A%22f10d0cab-1d7e-431b-8707-9fa24e83dcb1%22%2C%22pcidDate%22%3A1704358591279%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%225197bbb2-0544-4398-962c-ca5f0d0aae95%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22duperb-shop.ngontinh24.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ngontinh24.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fduperb-shop.ngontinh24.com%2F%22%2C%22cat%22%3A%5B%22239%22%2C%22264%22%2C%22266%22%5D%2C%22cattax%22%3A6%2C%22id%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22ip%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22city%22%3A%22%22%2C%22region%22%3A%22%22%2C%22country%22%3A%22US%22%2C%22lat%22%3A37.751%2C%22lon%22%3A-97.822%2C%22type%22%3A2%2C%22accuracy%22%3A1000%2C%22ipservice%22%3A3%2C%22metro%22%3A%22%22%2C%22zip%22%3A%22%22%2C%22tz%22%3A%22America%2FChicago%22%2C%22utcoffset%22%3A300%7D%2C%22devicetype%22%3A2%2C%22js%22%3A1%2C%22langb%22%3A%22en-US%22%2C%22ipv6%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
29127fabb146d6b2d8bf961a00d0ee255d7b966ca1d621eee5d5393dd63b28cf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-55
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
452
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
ee61345f962e763659c9c7d991d66cdf242bab3ecc1951e450ffef918be80dad

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
887f3fbf6ec7d97867aefae525bbc5eea1f2027f7b21127820d465c1dc408256

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
v1
btlr.sharethrough.com/universal/ 		0
0
c
prebid.a-mo.net/a/ 		1 KB
896 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
f6a07246b963bc573fdddca7869dd815ae50487085dbdb3efa2afbc044deb1fd

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
143
content-length
499
prebid
ads.yieldmo.com/exchange/ 		0
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-c4152799-e894-4662-a2a4-a42d312d81f7_1_1_ad%22%2C%22callback_id%22%3A%22123dec3ab804115c%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%223076949134012260636%22%2C%22gpid%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.A%23sidebar-1%22%2C%22tid%22%3A%223a6eae35-9eeb-410e-8d98-ec5ee8b8c8a0%22%2C%22auctionId%22%3A%225197bbb2-0544-4398-962c-ca5f0d0aae95%22%7D%5D&page_url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&bust=1704358591485&dnt=false&description=Duperb%20is%20a%20website%20that%20writes%20about%20many%20topics%20of%20interest%20to%20you%2C%20it%27s%20a%20blog%20that%20shares%20knowledge%20and%20insights%20useful%20to%20everyone%20in%20many%20fields.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=Duperb%20-%20An%20Experienced%2C%20Professional%2C%20Authoritative%20And%20Trustworthy%20Website&w=1600&h=1200&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidvideo
ads.yieldmo.com/exchange/ 		0
331 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ 		0
68 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
438 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.213.2.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-2-212.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
d787e573cd08c83232b7f5e8add122bfe170da316f4e69433ca47e8382fe1e28

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
23
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
monumetric
monumetric.technoratimedia.com/openrtb/bids/ 		0
195 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
522344144
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=65f682b4-6cfa-41b5-b4ca-fb3e89f95822&a=s.d&u=4258afea-960f-419a-9cd3-d9b394374220
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:32:34 GMT
age
2021037
x-guploader-uploadid
ABPtcPpPQr6TC3YJPE3lhVNSlNoZkpl04DlZDfW38OW6us3GJBT_JtXeI7GwBsTqareylkzVeOO3AIDIw8-gA2a2snXi0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:32:34 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=65f682b4-6cfa-41b5-b4ca-fb3e89f95822&a=s.d&u=26c15b8e-8080-4986-924e-050c0f0222d6
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:32:34 GMT
age
2021037
x-guploader-uploadid
ABPtcPpPQr6TC3YJPE3lhVNSlNoZkpl04DlZDfW38OW6us3GJBT_JtXeI7GwBsTqareylkzVeOO3AIDIw8-gA2a2snXi0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:32:34 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=65f682b4-6cfa-41b5-b4ca-fb3e89f95822&a=s.d&u=df664826-5c9a-46f1-947a-56f39263c30d
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:32:34 GMT
age
2021037
x-guploader-uploadid
ABPtcPpPQr6TC3YJPE3lhVNSlNoZkpl04DlZDfW38OW6us3GJBT_JtXeI7GwBsTqareylkzVeOO3AIDIw8-gA2a2snXi0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:32:34 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=65f682b4-6cfa-41b5-b4ca-fb3e89f95822&a=s.d&u=c4152799-e894-4662-a2a4-a42d312d81f7
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:32:34 GMT
age
2021037
x-guploader-uploadid
ABPtcPpPQr6TC3YJPE3lhVNSlNoZkpl04DlZDfW38OW6us3GJBT_JtXeI7GwBsTqareylkzVeOO3AIDIw8-gA2a2snXi0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:32:34 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=65f682b4-6cfa-41b5-b4ca-fb3e89f95822&a=s.d&u=3da146d5-1cf2-4be4-9079-b2f1c2c61187
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:32:34 GMT
age
2021037
x-guploader-uploadid
ABPtcPpPQr6TC3YJPE3lhVNSlNoZkpl04DlZDfW38OW6us3GJBT_JtXeI7GwBsTqareylkzVeOO3AIDIw8-gA2a2snXi0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:32:34 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=65f682b4-6cfa-41b5-b4ca-fb3e89f95822&a=s.d&u=827fc8e0-82ff-4690-83c3-d2380c7524bb
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:32:34 GMT
age
2021037
x-guploader-uploadid
ABPtcPpPQr6TC3YJPE3lhVNSlNoZkpl04DlZDfW38OW6us3GJBT_JtXeI7GwBsTqareylkzVeOO3AIDIw8-gA2a2snXi0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:32:34 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=65f682b4-6cfa-41b5-b4ca-fb3e89f95822&a=s.d&u=8ac367b4-1fc1-4e9e-90a8-296aa003810e
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:32:34 GMT
age
2021037
x-guploader-uploadid
ABPtcPpPQr6TC3YJPE3lhVNSlNoZkpl04DlZDfW38OW6us3GJBT_JtXeI7GwBsTqareylkzVeOO3AIDIw8-gA2a2snXi0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:32:34 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=65f682b4-6cfa-41b5-b4ca-fb3e89f95822&a=s.d&u=0115eba8-b4ce-4839-bee5-c28a1c9b14c8
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:32:34 GMT
age
2021037
x-guploader-uploadid
ABPtcPpPQr6TC3YJPE3lhVNSlNoZkpl04DlZDfW38OW6us3GJBT_JtXeI7GwBsTqareylkzVeOO3AIDIw8-gA2a2snXi0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:32:34 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 04 Jan 2024 08:56:31 GMT
x-content-type-options
nosniff
content-encoding
br
age
1756
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-mia-kmia1760022-MIA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
YPTWPKHZF0BWQ7HW
age
442
etag
W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
840244ce1b2425be-MIA
x-amz-id-2
34NGrAxJuEojr5Awn5Ms0s73223NGz2hVvxo9uBKzKcajVQVl3F8lLDJ/qLYkx1pTYtWWIzAzIA=
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 21:07:52 GMT
content-encoding
gzip
age
2288919
x-guploader-uploadid
ABPtcPqTHxfkqIBKkx98RUqVAR1bJsVolG2HXFq7aWEIzyWH8OBMQqQpAGxWUlVlNzbt04Ymk2JesZzR_0o3ox6Oz3rY_yTM9hwC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 07 Dec 2024 21:07:52 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 21 Dec 2023 07:50:16 GMT
server
nginx
etag
W/"6583ee38-a9b8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 05 Jan 2024 08:56:31 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-75.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:11:04 GMT
content-encoding
gzip
via
1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
49528
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
y9MW4g1r-SyDohXbw0d5CoEh_ulnewe77DcTXCLYSs12TqV2HghfeQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:aa00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Thu, 04 Jan 2024 03:20:52 GMT
Via
1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
YUL62-C1
Age
20140
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
s6CN9uRWGdU_4WqshGiaW6YOqsD6wpc-d_hfdFhRZOw4WO-PN99thQ==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
a1ce6933d047127f1b8ac23297f73f59
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
bid
aax.amazon-adsystem.com/e/dtb/ 		237 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&pid=7YI3xmKddC3b6&cb=0&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-26c15b8e-8080-4986-924e-050c0f0222d6_1_1_ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDR.D%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
736623bf5b04e04614817442c38b7a20d19df1b29551c5e33a6992c34340da85
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
10E7WWERF2BVN9HNYCP6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
237
x-amz-cf-id
VFRWidG5SFL9bGB-ICSs1VYO0ssR8tKPP-rdWZbwibIgDB5PTRHo6g==
bid
aax.amazon-adsystem.com/e/dtb/ 		237 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&pid=7YI3xmKddC3b6&cb=1&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-df664826-5c9a-46f1-947a-56f39263c30d_1_1_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDH.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
d0acfa1e702259b478239630d1eb14536a471c1399b58050d7a76683fcf717f4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
68SY1J2M7AWSBGTQGH3B
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
237
x-amz-cf-id
McLVHjq23Lha4CQ02iKUSd94I-tanCvwcah7nlixUnqK6X2I1gqhtA==
bid
aax.amazon-adsystem.com/e/dtb/ 		237 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&pid=7YI3xmKddC3b6&cb=2&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-c4152799-e894-4662-a2a4-a42d312d81f7_1_1_ad%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
31d930bba4d297603dfbc7e08813b22848d433f9251015e47cf467e47330b986
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
CT9M718EQKTWSGCRXZ6K
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
237
x-amz-cf-id
iooE6B9kP02siFxxUUG2XZpkdv-fzCu1innifSCEqDmLaT4HZT9_DQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		237 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&pid=7YI3xmKddC3b6&cb=3&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-3da146d5-1cf2-4be4-9079-b2f1c2c61187_1_1_ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
af1896dba99d5da0b95adf25877938268fcbd218e9b0ff1be4b59ec68ddc7884
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
X5K5MDRH7M5GT148V53S
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
237
x-amz-cf-id
sJwM2wrRYtdIUo56EmHma5gZ3fRNaeDXJ9yW5wfTXwfusHjh4nKTiQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		237 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&pid=7YI3xmKddC3b6&cb=4&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-827fc8e0-82ff-4690-83c3-d2380c7524bb_1_1_ad%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.D%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
0816b0676c37909e18990f6fa447fc0dcd738f5119a10fe07122b8fa00a39e1d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
DHTM5BS89PMNQJT9S7NY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
237
x-amz-cf-id
-TmqUlVAQqc7WvrcjFp91LG0d5qC_794CvI2fdnGJsyuqvmFE9sqxQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		237 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&pid=7YI3xmKddC3b6&cb=5&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-8ac367b4-1fc1-4e9e-90a8-296aa003810e_1_1_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDB.I%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
787150b489a6521e050b6296979fea3752eae3950bcaed51e5cec91bd091672d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
BKHRAZK8602KZT0JNZE7
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
237
x-amz-cf-id
b6svForjBx58wWX1k0j9wxiAUI1ibRReCwT4IbyAcUG-BECtcegGqw==
bid
aax.amazon-adsystem.com/e/dtb/ 		237 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&pid=7YI3xmKddC3b6&cb=6&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-0115eba8-b4ce-4839-bee5-c28a1c9b14c8_1_1_ad%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.J%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
580eeb39307049dba9c5552bfb978340673d0690d5728a14344da4fc9c7f8bf0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
GJH8PD10MPXZDNCAQRT0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
237
x-amz-cf-id
ByT5FWlOMR6Y78Dqyl-7lL343YHWEVF_GAGTu_wIeLl5aA-VdcByiQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		237 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&pid=7YI3xmKddC3b6&cb=7&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-4258afea-960f-419a-9cd3-d9b394374220_1_1_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDA.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
b2619cae117c115d26f2958df0df31c86540388b6f4c1dda4fc53c4ace5fc00f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
PMYPKS80H1MJ3HG5CCVP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
237
x-amz-cf-id
YhcGaYidB-Vc2jAB-myjLvILrjKtGhGOmUHj_CqBL3RWZtVIXwl_Xg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 c83536c4e12f4a229fa27266fc5fdd56.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
49S21t4d0gjF-4NhaBAEuUW5SleJjh6gxfYNxuMuD_xhw0rFq8C4Vg==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fduperb-shop.ngontinh24.com&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
Server /
Resource Hash
1ea6ee0237253d9114205128f9cd7e154f617d144ef478d7f50e388aaba13151

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
via
1.1 e0170582752f8bcacf802243afe5509c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1322
x-amz-cf-id
bmNTilzIL_Td1ajvxE7GZ60O9S4MHclVZb-ME_BDwqGZeTf-M8AJ7Q==
css
fonts.googleapis.com/ Frame F8ED 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=78619928&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=404&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 07:53:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jan 2024 08:56:31 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame F8ED 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=78619928&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=404&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 10:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Dec 2024 10:52:42 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame F8ED 		376 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=78619928&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=404&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 18:57:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136750
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133672
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 18:57:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F8ED 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=78619928&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=404&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 22:43:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
36766
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:43:45 GMT
monumetric
monumetric.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://duperb-shop.ngontinh24.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-max-age
86400
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx
v2
e.serverbid.com/api/ 		16 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
monumetric
monumetric.technoratimedia.com/openrtb/bids/ 		0
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
521103437
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		1 KB
1012 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704358591717&to=600&aun=mmt-3da146d5-1cf2-4be4-9079-b2f1c2c61187_1_1_ad&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.B%23sidebar-2&pv=75c5cf24-446c-42d5-9a69-459cc20eb95c&maxw=300&maxh=600&si=490025&pi=3&bf=300x250%2C160x600%2C300x600&uspConsent=1---&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=null&ns=9318
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d49704476198bf7410e85ee99b6e02a9246fdcfffe56b2a14a872fbbd1768be0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1012 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704358591718&to=600&aun=mmt-3da146d5-1cf2-4be4-9079-b2f1c2c61187_1_1_ad&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.B%23sidebar-2&pv=75c5cf24-446c-42d5-9a69-459cc20eb95c&maxw=300&maxh=600&si=490027&pi=3&bf=300x250%2C160x600%2C300x600&uspConsent=1---&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=null&ns=9318
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d49704476198bf7410e85ee99b6e02a9246fdcfffe56b2a14a872fbbd1768be0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1012 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704358591719&to=600&aun=mmt-3da146d5-1cf2-4be4-9079-b2f1c2c61187_1_1_ad&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.B%23sidebar-2&pv=75c5cf24-446c-42d5-9a69-459cc20eb95c&maxw=300&maxh=600&si=490028&pi=3&bf=300x250%2C160x600%2C300x600&uspConsent=1---&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=null&ns=9318
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d49704476198bf7410e85ee99b6e02a9246fdcfffe56b2a14a872fbbd1768be0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		85 B
438 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.213.2.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-2-212.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
698dc40a616311683313957fdb14837e0e4ba5148866fb1a46e8b054f9c7c1ce

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
v1
btlr.sharethrough.com/universal/ 		0
15 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-158-174.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:31 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
15 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-158-174.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:31 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
15 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-158-174.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:31 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		511 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=15&alt_size_ids=9%2C10&us_privacy=1---&rp_schain=1.0,1!monumetric.com,fdd82422-8575-448e-84fe-fa092518ca2d,1,,,&eid_pubcid.org=dfc8442c-6e2c-44a4-9893-8b4d0810a14e%5E1&rf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.domain=duperb-shop.ngontinh24.com&tg_i.page=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.cat=239%2C264%2C266&tg_i.cattax=6&tg_i.id=fdd82422-8575-448e-84fe-fa092518ca2d&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.B%23sidebar-2&tk_flint=pbjs_lite_v8.12.0&x_source.tid=7c428d9f-3f49-47d2-a7a7-98e49601134a&l_pb_bid_id=146a4ec6a8bde6ed&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1bd444e4-8a38-4434-b4ba-ad12d1631da6&rp_maxbids=1&p_gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.B%23sidebar-2&slots=1&rand=0.19254848338824093
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
86437a0a26abf1f4b0a16142286a1a89d79379aa5a06d3c66d6135f89a5aa886

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
511
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		353 B
283 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
8bc2dd50541633a6b91780edcbf83921ff8c1ae829ab1a15352979cdaec2e29a

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 08:56:31 GMT
translator
hbopenbid.pubmatic.com/ 		0
68 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ 		0
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-3da146d5-1cf2-4be4-9079-b2f1c2c61187_1_1_ad%22%2C%22callback_id%22%3A%221562f5ce0474759f%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%223076949134012260636%22%2C%22gpid%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.B%23sidebar-2%22%2C%22tid%22%3A%221bd444e4-8a38-4434-b4ba-ad12d1631da6%22%2C%22auctionId%22%3A%227c428d9f-3f49-47d2-a7a7-98e49601134a%22%7D%5D&page_url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&bust=1704358591724&dnt=false&description=Duperb%20is%20a%20website%20that%20writes%20about%20many%20topics%20of%20interest%20to%20you%2C%20it%27s%20a%20blog%20that%20shares%20knowledge%20and%20insights%20useful%20to%20everyone%20in%20many%20fields.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=Duperb%20-%20An%20Experienced%2C%20Professional%2C%20Authoritative%20And%20Trustworthy%20Website&w=1600&h=1200&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		539 B
799 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageReferrer=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&CanonicalUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d36304db6990ffc3ce12acff3cb4c42b4190994b13853d114280ae2259897cb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
via
kong/2.8.3
x-content-type-options
nosniff
content-encoding
gzip
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
69
pragma
no-cache
access-control-max-age
3600
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://duperb-shop.ngontinh24.com
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
trinity.json
apex.go.sonobi.com/ 		809 B
1021 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221620f374ff0435f5%22%3A%22177369c437c672237248%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.B%23sidebar-2%2Cc%3Dd%2C%22%2C%22163ac4d361a35172%22%3A%22dcc4cd9596e80d497120%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.B%23sidebar-2%2Cc%3Dd%2C%22%2C%22164c62c28327f37%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.B%23sidebar-2%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&s=5cc0dcea-9e15-40d6-9853-0829f6202581&pv=66c2712f-b06b-465c-b06d-64fa524c60a8&vp=desktop&lib_name=prebid&lib_v=8.12.0&us=5&iqid=%7B%22pcid%22%3A%22f10d0cab-1d7e-431b-8707-9fa24e83dcb1%22%2C%22pcidDate%22%3A1704358591279%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%227c428d9f-3f49-47d2-a7a7-98e49601134a%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22duperb-shop.ngontinh24.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ngontinh24.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fduperb-shop.ngontinh24.com%2F%22%2C%22cat%22%3A%5B%22239%22%2C%22264%22%2C%22266%22%5D%2C%22cattax%22%3A6%2C%22id%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22ip%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22city%22%3A%22%22%2C%22region%22%3A%22%22%2C%22country%22%3A%22US%22%2C%22lat%22%3A37.751%2C%22lon%22%3A-97.822%2C%22type%22%3A2%2C%22accuracy%22%3A1000%2C%22ipservice%22%3A3%2C%22metro%22%3A%22%22%2C%22zip%22%3A%22%22%2C%22tz%22%3A%22America%2FChicago%22%2C%22utcoffset%22%3A300%7D%2C%22devicetype%22%3A2%2C%22js%22%3A1%2C%22langb%22%3A%22en-US%22%2C%22ipv6%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
1eddda3a4418128367fe7e9b8c97e40ea43fac5cce2317434243d210b5d744d5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-108
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
475
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
588 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
an-x-request-uuid
b37a344e-73ec-442c-b6f0-6e911ca868cf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		1 KB
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
3eae7079f186f4b6c8d1c58c096c6e809706bb5abeae78fa20ff509e942811a3

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
content-length
498
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/ 		0
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.182.176.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:31 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
95 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
66e5a86692d00ba3c322121a03ed9d78ebb74843bfe53c2fa4b038dabdc71058

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
monumetric
monumetric.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://duperb-shop.ngontinh24.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-max-age
86400
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/ 		0
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.182.176.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:31 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
c
prebid.a-mo.net/a/ 		1 KB
647 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
27ed1f73ab911443884cbac9b881d95c9838544a2037e4a471d3841ef80bd3ae

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
content-length
500
prebid
ads.yieldmo.com/exchange/ 		0
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-827fc8e0-82ff-4690-83c3-d2380c7524bb_1_1_ad%22%2C%22callback_id%22%3A%221780a8d46466f898%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%223076949134012260636%22%2C%22gpid%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.D%23sidebar-4%22%2C%22tid%22%3A%2249b9cb1a-bc4f-4d95-8822-7beaaeedb430%22%2C%22auctionId%22%3A%224052e13e-d382-4a60-8860-00c1885631e1%22%7D%5D&page_url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&bust=1704358591739&dnt=false&description=Duperb%20is%20a%20website%20that%20writes%20about%20many%20topics%20of%20interest%20to%20you%2C%20it%27s%20a%20blog%20that%20shares%20knowledge%20and%20insights%20useful%20to%20everyone%20in%20many%20fields.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=Duperb%20-%20An%20Experienced%2C%20Professional%2C%20Authoritative%20And%20Trustworthy%20Website&w=1600&h=1200&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidvideo
ads.yieldmo.com/exchange/ 		0
361 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v1
btlr.sharethrough.com/universal/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
68 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
588 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
an-x-request-uuid
a8e1f5df-cda9-4618-af8f-b16448f3a3b3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
95 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
34bad3232d4c4c860bb696f1169c5536e452495f0f5e5b38d256f4680f78dc4a

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
94 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
40125b6d63d09982a5b1b75f6b584069972573818b95200e997b2edb68cc7690

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
fastlane.json
fastlane.rubiconproject.com/a/api/ 		488 B
522 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=9&us_privacy=1---&rp_schain=1.0,1!monumetric.com,fdd82422-8575-448e-84fe-fa092518ca2d,1,,,&eid_pubcid.org=dfc8442c-6e2c-44a4-9893-8b4d0810a14e%5E1&rf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.domain=duperb-shop.ngontinh24.com&tg_i.page=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.cat=239%2C264%2C266&tg_i.cattax=6&tg_i.id=fdd82422-8575-448e-84fe-fa092518ca2d&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.D%23sidebar-4&tk_flint=pbjs_lite_v8.12.0&x_source.tid=4052e13e-d382-4a60-8860-00c1885631e1&l_pb_bid_id=18817675bb77b54&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=49b9cb1a-bc4f-4d95-8822-7beaaeedb430&rp_maxbids=1&p_gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.D%23sidebar-4&slots=1&rand=0.23533408057562633
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
48edc9f331fd4f81e39056ce0d7b79cd8ee71d3415824a916300f6b6e8c93331

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
488
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		181 B
708 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageReferrer=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&CanonicalUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d61517807fd3364fdabcc730c9eacc35105715cbeeb916f06f47c5812e10b0cf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
74
content-length
181
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1012 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704358591745&to=600&aun=mmt-827fc8e0-82ff-4690-83c3-d2380c7524bb_1_1_ad&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.D%23sidebar-4&pv=75c5cf24-446c-42d5-9a69-459cc20eb95c&maxw=160&maxh=600&si=490025&pi=3&bf=160x600&uspConsent=1---&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=null&ns=9318
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d49704476198bf7410e85ee99b6e02a9246fdcfffe56b2a14a872fbbd1768be0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
prebid.media.net/rtb/ 		353 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
52e10357e0f9edf788cc89d1967273bc770f0be9531dfbe4625474ca3dd6f0f1

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 08:56:31 GMT
trinity.json
apex.go.sonobi.com/ 		766 B
997 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22196e1540a11280de%22%3A%22177369c437c672237248%7C160x600%7Cgpid%3D%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.D%23sidebar-4%2Cc%3Dv%2C%22%7D&ref=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&s=55ece69f-8f39-4a63-9508-91de0efd5c57&pv=66c2712f-b06b-465c-b06d-64fa524c60a8&vp=desktop&lib_name=prebid&lib_v=8.12.0&us=5&iqid=%7B%22pcid%22%3A%22f10d0cab-1d7e-431b-8707-9fa24e83dcb1%22%2C%22pcidDate%22%3A1704358591279%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%224052e13e-d382-4a60-8860-00c1885631e1%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22duperb-shop.ngontinh24.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ngontinh24.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fduperb-shop.ngontinh24.com%2F%22%2C%22cat%22%3A%5B%22239%22%2C%22264%22%2C%22266%22%5D%2C%22cattax%22%3A6%2C%22id%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22ip%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22city%22%3A%22%22%2C%22region%22%3A%22%22%2C%22country%22%3A%22US%22%2C%22lat%22%3A37.751%2C%22lon%22%3A-97.822%2C%22type%22%3A2%2C%22accuracy%22%3A1000%2C%22ipservice%22%3A3%2C%22metro%22%3A%22%22%2C%22zip%22%3A%22%22%2C%22tz%22%3A%22America%2FChicago%22%2C%22utcoffset%22%3A300%7D%2C%22devicetype%22%3A2%2C%22js%22%3A1%2C%22langb%22%3A%22en-US%22%2C%22ipv6%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
1250daa9f0a432107156f86630801b64c53bbd53c6e3fb1126867c4c1a48df3e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-108
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
451
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		85 B
439 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.213.2.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-2-212.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e884ccca893632a63942a51b060e44b9788af5d9a0d81261ef23467d0c70c48b

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
83
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
monumetric
monumetric.technoratimedia.com/openrtb/bids/ 		0
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
524914501
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
11778604948800383788
tpc.googlesyndication.com/simgad/ Frame 4D44 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11778604948800383788?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkAaLVHOOPz_bastxbvDcE70OBe7Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=1497754791&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=393&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2ec1c907004fb1a0d9ade9e9f5d3b19efb55a0319dbaadaea734d86cb5e4c66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 04:49:20 GMT
x-content-type-options
nosniff
age
14831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13781
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 13:09:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 03 Jan 2025 04:49:20 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4D44 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=1497754791&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=393&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 14:25:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
66639
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:25:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4D44 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=1497754791&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=393&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 22:43:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:43:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4D44 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=1497754791&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=393&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 22:43:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
36766
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:43:45 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4D44 		204 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=1497754791&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=393&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:34 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4D44 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=1497754791&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=393&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 20:38:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
44262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
server
cafe
etag
15202890134401013038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 20:38:49 GMT
services
g2.gumgum.com/zones/f1wmpn59/ 		1 KB
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/zones/f1wmpn59/services?dp=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&pu=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&rf=&r=3.88.16&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.88.16%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9318&bf=6f930a0206930c18825a770c73b0cf0a0895156b&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1704358591762&to=600&vpii=false&vph=1200&vpw=1600&gdprApplies=0&uspConsent=1---
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9f08a6a436deee653fcf4ee392d0707c5b32f3c0a409a6686136161aebe77b17

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
nginx
etag
W/"03be846152ffef58a5f3233e780a00f76"
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
timing-allow-origin
*
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&rid=esp&cc=1
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
2451af61e931d95501fb8a6fdbad16ce575ebe6461362bf3d658f8b49598a468

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-c0Xt0+lSUqy2nrsMQ7qdClkCTUs"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 04 Jan 2024 08:56:31 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://duperb-shop.ngontinh24.com
location
/esp?url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
increment
id5-sync.com/api/esp/ 		0
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
s
googleads.g.doubleclick.net/pagead/drt/ Frame D25C 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=1497754791&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=393&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=1497754791&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=393&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3148
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:04:03 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62a4de9e07214d8a46bc60502b576a6682e260d298d2bafa95b28c32d63ee236
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56000
x-xss-protection
0
server
cafe
etag
15093121274311408673
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:31 GMT
ca-pub-7109864259348938
fundingchoicesmessages.google.com/i/ 		182 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-7109864259348938?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ec7d477c8063f480f8f42ca6279e5fa9d98c04459221e44df3214d70a5c5f629
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-l8WecJJx_-9m8VvPFaY5RQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-l8WecJJx_-9m8VvPFaY5RQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
11778604948800383788
tpc.googlesyndication.com/simgad/ Frame 7A97 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11778604948800383788?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkAaLVHOOPz_bastxbvDcE70OBe7Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=1663128080&adf=2936580310&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591007&bpp=1&bdt=661&idt=380&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2ec1c907004fb1a0d9ade9e9f5d3b19efb55a0319dbaadaea734d86cb5e4c66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 04:49:20 GMT
x-content-type-options
nosniff
age
14831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13781
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 13:09:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 03 Jan 2025 04:49:20 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 7A97 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=1663128080&adf=2936580310&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591007&bpp=1&bdt=661&idt=380&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 14:25:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
66639
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:25:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7A97 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=1663128080&adf=2936580310&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591007&bpp=1&bdt=661&idt=380&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 22:43:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:43:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7A97 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=1663128080&adf=2936580310&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591007&bpp=1&bdt=661&idt=380&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 22:43:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
36766
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:43:45 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7A97 		204 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=1663128080&adf=2936580310&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591007&bpp=1&bdt=661&idt=380&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:34 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7A97 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=1663128080&adf=2936580310&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591007&bpp=1&bdt=661&idt=380&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 20:38:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
44262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
server
cafe
etag
15202890134401013038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 20:38:49 GMT
monumetric
monumetric.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://duperb-shop.ngontinh24.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-max-age
86400
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx
v2
e.serverbid.com/api/ 		16 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
fastlane.json
fastlane.rubiconproject.com/a/api/ 		494 B
528 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&us_privacy=1---&rp_schain=1.0,1!monumetric.com,fdd82422-8575-448e-84fe-fa092518ca2d,1,,,&eid_pubcid.org=dfc8442c-6e2c-44a4-9893-8b4d0810a14e%5E1&rf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.domain=duperb-shop.ngontinh24.com&tg_i.page=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.cat=239%2C264%2C266&tg_i.cattax=6&tg_i.id=fdd82422-8575-448e-84fe-fa092518ca2d&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDB.I%23sticky-header-9&tk_flint=pbjs_lite_v8.12.0&x_source.tid=59593e80-132f-48df-8a84-ff33e8093e51&l_pb_bid_id=2042fc2b6569bc18&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=9faae19f-306c-49d5-a79c-656cdf722edf&rp_maxbids=1&p_gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDB.I%23sticky-header-9&slots=1&rand=0.9766924807110631
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a27d504bfe88993a0af2c372e03914c4526e76033599430a3c754610fea0147b

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
494
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		85 B
438 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.213.2.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-2-212.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
c636c1c95c6e18807416080fb3100fa180a74ff4f95727d99d77d551fefbd3ab

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704358591847&to=600&aun=mmt-8ac367b4-1fc1-4e9e-90a8-296aa003810e_1_1_ad&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDB.I%23sticky-header-9&pv=75c5cf24-446c-42d5-9a69-459cc20eb95c&maxw=728&maxh=90&si=490032&pi=3&bf=728x90&uspConsent=1---&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=null&ns=9318
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d5a38052143d4da571d94bcf22a874597633d2370d238d7fe781ea7a495b171a

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
95 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
2510df32e2df3b155f08ec3ccabf4c6d0f1970b920cc171a7b554e6afc0ca809

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/ 		0
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.182.176.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:32 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebid
prebid.media.net/rtb/ 		353 B
281 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
8724481b5df9fc1b87f19e1f93d42c8ae32791392cadefdff5fd6e1f55cf6b39

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 08:56:31 GMT
trinity.json
apex.go.sonobi.com/ 		766 B
997 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22216d1b328781ddce%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDB.I%23sticky-header-9%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&s=50be9ae3-aedd-4fdb-b7ec-42dcb1805c5e&pv=66c2712f-b06b-465c-b06d-64fa524c60a8&vp=desktop&lib_name=prebid&lib_v=8.12.0&us=5&iqid=%7B%22pcid%22%3A%22f10d0cab-1d7e-431b-8707-9fa24e83dcb1%22%2C%22pcidDate%22%3A1704358591279%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%2259593e80-132f-48df-8a84-ff33e8093e51%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22duperb-shop.ngontinh24.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ngontinh24.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fduperb-shop.ngontinh24.com%2F%22%2C%22cat%22%3A%5B%22239%22%2C%22264%22%2C%22266%22%5D%2C%22cattax%22%3A6%2C%22id%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22ip%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22city%22%3A%22%22%2C%22region%22%3A%22%22%2C%22country%22%3A%22US%22%2C%22lat%22%3A37.751%2C%22lon%22%3A-97.822%2C%22type%22%3A2%2C%22accuracy%22%3A1000%2C%22ipservice%22%3A3%2C%22metro%22%3A%22%22%2C%22zip%22%3A%22%22%2C%22tz%22%3A%22America%2FChicago%22%2C%22utcoffset%22%3A300%7D%2C%22devicetype%22%3A2%2C%22js%22%3A1%2C%22langb%22%3A%22en-US%22%2C%22ipv6%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
c9be50e14d55d34bc20ff183de504f97b39bdd7adf3cee498ba89cd224fe32b7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-55
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
452
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
68 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ 		0
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-8ac367b4-1fc1-4e9e-90a8-296aa003810e_1_1_ad%22%2C%22callback_id%22%3A%2222067ebac81102fb%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223076949134012260636%22%2C%22gpid%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDB.I%23sticky-header-9%22%2C%22tid%22%3A%229faae19f-306c-49d5-a79c-656cdf722edf%22%2C%22auctionId%22%3A%2259593e80-132f-48df-8a84-ff33e8093e51%22%7D%5D&page_url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&bust=1704358591851&dnt=false&description=Duperb%20is%20a%20website%20that%20writes%20about%20many%20topics%20of%20interest%20to%20you%2C%20it%27s%20a%20blog%20that%20shares%20knowledge%20and%20insights%20useful%20to%20everyone%20in%20many%20fields.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=Duperb%20-%20An%20Experienced%2C%20Professional%2C%20Authoritative%20And%20Trustworthy%20Website&w=1600&h=1200&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		19 B
588 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
an-x-request-uuid
fb0bb56c-2173-454c-a821-3fc8f3a06d14
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
monumetric
monumetric.technoratimedia.com/openrtb/bids/ 		11 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
d932f29dbc6f9793b0275a6c11f29bd53f9a90e051c823f5ffd8f47a33dbee1a

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
via
1.1 varnish
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
x-varnish
524979697
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3505
c
prebid.a-mo.net/a/ 		1 KB
645 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
44ead52ca3e100d6485276041bf440308306e714721ea0edbe36114f7184f971

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
content-length
497
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		181 B
707 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageReferrer=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&CanonicalUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
84e98293ca8b86afd3f8a036a32f7868d5aebac9dad25b4802db81e73a1f06c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
91
content-length
181
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
inscreen
g2.gumgum.com/ 		914 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/inscreen?pu=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&rf=&pv=9df9d7a6-971c-4af5-846e-36e20f036df5&r=3.88.16&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.88.16%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9318&bf=6f930a0206930c18825a770c73b0cf0a0895156b&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1704358591862&to=600&vpii=false&vph=1200&vpw=1600&t=f1wmpn59&gdprApplies=0&sqc=1&uspConsent=1---
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
83ebe8819c613ee5c1a3eb156b65b48920ccf937ada7877fb137ac11ae2ded0c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
nginx
etag
W/"0525c1f65790bf6156760a41051dcd413"
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
timing-allow-origin
*
15333
stags.bluekai.com/site/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/15333?id=u_8bed7d1c-5dd7-43d8-8f1e-2e8476222813
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.132.230 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-132-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://idsync.rlcdn.com/395736.gif?partner_uid=u_8bed7d1c-5dd7-43d8-8f1e-2e8476222813
  • https://idsync.rlcdn.com/1000.gif?memo=CNiTGBIxCi0IARD6bBomdV84YmVkN2QxYy01ZGQ3LTQzZDgtOGYxZS0yZTg0NzYyMjI4MTMQABoNCL_l2awGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=101671231055b36abc7544181fd1bdf19a6f41adc07b98254c7707e6c67f7bf8791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=101671231055b36abc7544181fd1bdf19a6f41adc07b98254c7707e6c67f7bf8791426b5417dce21&rand=03998241
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=101671231055b36abc7544181fd1bdf19a6f41adc07b98254c7707e6c67f7bf8791426b5417dce21&rand=03998241&expected_cookie=7031ab5d-ede3-4326-9b54-b5d185afd84b
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=101671231055b36abc7544181fd1bdf19a6f41adc07b98254c7707e6c67f7bf8791426b5417dce21&rand=03998241&expected_cookie=7031ab5d-ede3-4326-9b54-b5d185afd84b
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 3F04B7154EDC4E9883873232B06724C9 Ref B: MIAEDGE2316 Ref C: 2024-01-04T08:56:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOGuh4/2c5QvjbMMoRAw==

Redirect headers

date
Thu, 04 Jan 2024 08:56:32 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: BAC5FA0BA9C64B5FABD63B49BFAE6C97 Ref B: MIAEDGE2316 Ref C: 2024-01-04T08:56:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=10339&puuid=101671231055b36abc7544181fd1bdf19a6f41adc07b98254c7707e6c67f7bf8791426b5417dce21&rand=03998241&expected_cookie=7031ab5d-ede3-4326-9b54-b5d185afd84b
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOGuh3CHJLTvEhGJKUAw==
s
googleads.g.doubleclick.net/pagead/drt/ Frame DE65 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=1663128080&adf=2936580310&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591007&bpp=1&bdt=661&idt=380&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=1663128080&adf=2936580310&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591007&bpp=1&bdt=661&idt=380&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3148
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:04:03 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
monumetric
monumetric.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://duperb-shop.ngontinh24.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-max-age
86400
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx
prebid
ads.yieldmo.com/exchange/ 		0
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-0115eba8-b4ce-4839-bee5-c28a1c9b14c8_1_1_ad%22%2C%22callback_id%22%3A%222309a1a2eea41f6d%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%223076949134012260636%22%2C%22gpid%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.J%23sidebar-10%22%2C%22tid%22%3A%22106f3bab-2f52-438a-89e6-c6f0e974fe44%22%2C%22auctionId%22%3A%222fe24173-b4b4-4442-b8d4-5334ff714184%22%7D%5D&page_url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&bust=1704358591894&dnt=false&description=Duperb%20is%20a%20website%20that%20writes%20about%20many%20topics%20of%20interest%20to%20you%2C%20it%27s%20a%20blog%20that%20shares%20knowledge%20and%20insights%20useful%20to%20everyone%20in%20many%20fields.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=Duperb%20-%20An%20Experienced%2C%20Professional%2C%20Authoritative%20And%20Trustworthy%20Website&w=1600&h=1200&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidvideo
ads.yieldmo.com/exchange/ 		0
361 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidjs
rtb.openx.net/openrtbb/ 		53 B
95 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
40451f59f0361365bc37e96f476f8bcfe4e9bf6c5321a1fb1c566c0ac58767b1

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
94 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
883071827a578262899cb26d0657451499df0b5cbee40e5c52d0f68712bc2a0c

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
imp
g2.gumgum.com/hbid/ 		1 KB
1012 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704358591896&to=600&aun=mmt-0115eba8-b4ce-4839-bee5-c28a1c9b14c8_1_1_ad&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.J%23sidebar-10&pv=75c5cf24-446c-42d5-9a69-459cc20eb95c&maxw=160&maxh=600&si=490025&pi=3&bf=160x600&uspConsent=1---&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=null&ns=9318
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d49704476198bf7410e85ee99b6e02a9246fdcfffe56b2a14a872fbbd1768be0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		489 B
523 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=9&us_privacy=1---&rp_schain=1.0,1!monumetric.com,fdd82422-8575-448e-84fe-fa092518ca2d,1,,,&eid_pubcid.org=dfc8442c-6e2c-44a4-9893-8b4d0810a14e%5E1&rf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.domain=duperb-shop.ngontinh24.com&tg_i.page=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.cat=239%2C264%2C266&tg_i.cattax=6&tg_i.id=fdd82422-8575-448e-84fe-fa092518ca2d&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.J%23sidebar-10&tk_flint=pbjs_lite_v8.12.0&x_source.tid=2fe24173-b4b4-4442-b8d4-5334ff714184&l_pb_bid_id=236d039d591f9e35&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=106f3bab-2f52-438a-89e6-c6f0e974fe44&rp_maxbids=1&p_gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.J%23sidebar-10&slots=1&rand=0.3535258412279161
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
86999686f2196e2f3cc6bdd8633da04516c9289974e0127a25504b891b4e232c

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
489
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ 		766 B
996 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22238a18b23bd8dbce%22%3A%22177369c437c672237248%7C160x600%7Cgpid%3D%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDS.J%23sidebar-10%2Cc%3Dv%2C%22%7D&ref=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&s=419c5834-665d-45e4-9e79-2bf73d52939f&pv=66c2712f-b06b-465c-b06d-64fa524c60a8&vp=desktop&lib_name=prebid&lib_v=8.12.0&us=5&iqid=%7B%22pcid%22%3A%22f10d0cab-1d7e-431b-8707-9fa24e83dcb1%22%2C%22pcidDate%22%3A1704358591279%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%222fe24173-b4b4-4442-b8d4-5334ff714184%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22duperb-shop.ngontinh24.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ngontinh24.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fduperb-shop.ngontinh24.com%2F%22%2C%22cat%22%3A%5B%22239%22%2C%22264%22%2C%22266%22%5D%2C%22cattax%22%3A6%2C%22id%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22ip%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22city%22%3A%22%22%2C%22region%22%3A%22%22%2C%22country%22%3A%22US%22%2C%22lat%22%3A37.751%2C%22lon%22%3A-97.822%2C%22type%22%3A2%2C%22accuracy%22%3A1000%2C%22ipservice%22%3A3%2C%22metro%22%3A%22%22%2C%22zip%22%3A%22%22%2C%22tz%22%3A%22America%2FChicago%22%2C%22utcoffset%22%3A300%7D%2C%22devicetype%22%3A2%2C%22js%22%3A1%2C%22langb%22%3A%22en-US%22%2C%22ipv6%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
4f9375aeea612c4f013d5a9e03c3da5ff8bf7d20d10b536674cd21af7f742560
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-55
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
451
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		353 B
282 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
ad4d6897c1a90f0a5dd55e842e606c0fe1e17552c4ea7416ccdabe76d120d137

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 08:56:31 GMT
c
prebid.a-mo.net/a/ 		1 KB
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
d96ddfcdc35afdc530000822c1fb62c18df907503e4af85f894d2c5d80b6796c

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
496
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/ 		0
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.182.176.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:32 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
587 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:31 GMT
an-x-request-uuid
08de9e73-ca6a-4c12-a3ba-ba9be42087e2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
0
monumetric
monumetric.technoratimedia.com/openrtb/bids/ 		0
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
524623006
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		181 B
707 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageReferrer=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&CanonicalUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
cf48c7ee91a0c1acf4922e5f8efa8a6bf5caa6621a8362afba1a7568b60165ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
71
content-length
181
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
translator
hbopenbid.pubmatic.com/ 		0
68 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb-mm-multi
hb.minutemedia-prebid.com/ 		85 B
438 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.213.2.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-2-212.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
0fa73cc161f0c333589cea49309393682986528e8f8797aa62342e0d2be85f87

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
/
loadus.exelator.com/load/
Redirect Chain
  • https://loadus.exelator.com/load/?p=233&g=001&j=d
  • https://loadus.exelator.com/load/?p=233&g=001&j=d&xl8blockcheck=1
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loadus.exelator.com/load/?p=233&g=001&j=d&xl8blockcheck=1
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
52.26.6.186 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-6-186.us-west-2.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
f0eab8e09f59b3857aa49cc3da932d0cf266631d5381c8480708dbb1e10e52d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
application/x-javascript;charset=UTF-8
date
Thu, 04 Jan 2024 08:56:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Thu, 04 Jan 2024 08:56:32 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadus.exelator.com/load/?p=233&g=001&j=d&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
encrypt
esp.rtbhouse.com/ 		221 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
997f1057c4a331ee9a8470496420815177dded09524ec898628b845d9380d14b

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
e5cdd5a992854b3e7a5fbfd9ec9d701a
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=65f682b4-6cfa-41b5-b4ca-fb3e89f95822&a=b.r&u=df664826-5c9a-46f1-947a-56f39263c30d&d=%7B%22utm%22%3A%7B%7D%7D
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:32:34 GMT
age
2021037
x-guploader-uploadid
ABPtcPpPQr6TC3YJPE3lhVNSlNoZkpl04DlZDfW38OW6us3GJBT_JtXeI7GwBsTqareylkzVeOO3AIDIw8-gA2a2snXi0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:32:34 GMT
quant.js
secure.quantserve.com/ Frame 6C93 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f1c:a99:832c:cd3f:57:d0bc:dbb2 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 11 Jan 2024 08:56:32 GMT
truncated
/ Frame 4D44 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34ac73a130a8fedd5eccef300b8c2021b0d28e04da3c5854cfde6532f9ba550f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
map
bcp.crwdcntrl.net/6/ 		156 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6085b089fabe11b72ec4ce9208949cd89d9fd0e7f711e28599fd56f55f7e21ba

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache
x-server
10.40.6.45
access-control-allow-credentials
true
content-length
156
expires
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame D25C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=1497754791&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=393&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
Thu, 04 Jan 2024 08:56:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:32 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tag
btloader.com/
Redirect Chain
  • https://btloader.com/tag?aax_id=AAX8RN661&upapi=true
  • https://btloader.com/tag?o=5761653252554752&upapi=true
53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5761653252554752&upapi=true
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7f32be59d3e79311ba9744ae85fcd16e301798b8793283459ffc143001c8b6d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 04 Jan 2024 08:45:13 GMT
server
cloudflare
age
639
etag
"26a4dbf856d96eaee8bdd470b664e541"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
840244d0ff253346-MIA
content-length
18238

Redirect headers

date
Thu, 04 Jan 2024 08:56:32 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
639
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
location
/tag?o=5761653252554752&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
840244d03ec13346-MIA
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
0NETFSVB20P7G5Q6
age
2860
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
840244cfdc3125be-MIA
x-amz-id-2
ZBcj16d26z7u9R/OuFzrXHOVCnbeDV/7PMG5psORhuMvWUR/zL30rWK2qqN6EaoKjgAas7Yw83C+nb6oI5hB+g==
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/ Frame 0777 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
24828
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 02:02:43 GMT
etag
9219409622527106327
expires
Thu, 18 Jan 2024 02:02:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame DE65
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=1663128080&adf=2936580310&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591007&bpp=1&bdt=661&idt=380&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
Thu, 04 Jan 2024 08:56:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:32 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 5999 		725 B
872 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
30dbce9216c7573d1d1183fadbd3243ee8247d122fe7a9f9d4eb602ba785bc6f

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
454
content-type
text/html
date
Thu, 04 Jan 2024 08:56:32 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
truncated
/ Frame 7A97 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81441a88f828faa122f04448322508bb2b7a9f427fad3c5164b6d4dc364d3e66

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame F8ED 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lqyz3m6y&c=177665056126&slotId=88832528063&qqid=COTbp8Ouw4MDFXEUaAgdkuUDeg&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1413::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F8ED 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 21:15:16 GMT
x-content-type-options
nosniff
age
42076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 21:15:16 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F8ED 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 21:17:32 GMT
x-content-type-options
nosniff
age
128340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 21:17:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8ED 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ce5lbv3KWZaSAHPGooPMPksuP0Aecge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzEwOTg2NDI1OTM0ODkzOMgBBagDAcgDAqoE3gFP0A1aCrFU7mb3cGNkbooRz7cT6rZlrFG07NI4dvlfz6ZSw25y7CtBESk2aQUYyl00XDUjssmoEGrAs90Rnzzs_Hv4HF7ykLvNpr8Ki0S5w9Nc0bpKw66xskrD9EnMaJS-Q_Hl3n5tLIdYAaxnQVRbkI9lsw2wTfRuDZVBbp5eQadmSBWRrzVIKkQmlHm3pmUR_b5ZY_ZnmNbpLIIMpecqSeBQP5CoLjG6bFAfoyac918C7AsBbvdif2poEJ9mES2gO5iTLioGD7ChEBPHWqOG1VpXgAkb4wOsSJL36SmABrmp3cLv29aGhgGgBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYxcOnw67DgwP6CwIIAYAMAdAVAYAXAQ&eventType=clickstring&clientTime=1704358592050&ai=Ce5lbv3KWZaSAHPGooPMPksuP0Aecge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzEwOTg2NDI1OTM0ODkzOMgBBagDAcgDAqoE3gFP0A1aCrFU7mb3cGNkbooRz7cT6rZlrFG07NI4dvlfz6ZSw25y7CtBESk2aQUYyl00XDUjssmoEGrAs90Rnzzs_Hv4HF7ykLvNpr8Ki0S5w9Nc0bpKw66xskrD9EnMaJS-Q_Hl3n5tLIdYAaxnQVRbkI9lsw2wTfRuDZVBbp5eQadmSBWRrzVIKkQmlHm3pmUR_b5ZY_ZnmNbpLIIMpecqSeBQP5CoLjG6bFAfoyac918C7AsBbvdif2poEJ9mES2gO5iTLioGD7ChEBPHWqOG1VpXgAkb4wOsSJL36SmABrmp3cLv29aGhgGgBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYxcOnw67DgwP6CwIIAYAMAdAVAYAXAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=78619928&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=404&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=407
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F8ED 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lqyz3m7n&c=177665056126&slotId=88832528063&qqid=COTbp8Ouw4MDFXEUaAgdkuUDeg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.i0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1413::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast.php
ads.us.criteo.com/delivery/r/0.1/ Frame F8ED 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/0.1/vast.php?z=ZZZyvwAHACQIaBRxAAPlknI1aVXiBLsjm9bRhQ&u=%7C5ENOcGwMKVlvn0HKgiUlyxQYPh3ISliB2P2%2B%2BpVcd2I%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7PMFcSxDHU8mX2C4BIbwGK4uryYANkyASyNwhq34orT2_QnFVp3pZMMGnV1g8gHwXNuNiKAYVHsSy7H1XjY_I-hYsj1EPoJeLSTXGz3zjAWR-tfXnkwW5kf5OJCQu05h9VVZI2tvgkPqsrEGvFCLxyMNsGruOEv7gqyArK38og12c5WryerPZrIELun_yP9VtDI5eOvB7fN7yZtLqjr3cNXszR_sg71EQrR9ZQNqUcpRkDI2-w95EBatZV1OmDC3aJxZEtcZLOXxf1gckDTKeGIdnspCFlFy_w4zZ21RFoR8Ep3Kj46rZUWzZaMXifhd2wq0ECq8XBijwcabPSzVoMVtX9uOpYLuoCscjKOoIbxO6FQnwVeKHJ9t37tts_LbEEPoy1nDy8eKKkjJbBIB3tgMD3Wibrjeh1G2ueutt1LHr1afy4Ndps6Kxdsuug2fEQ-nSUPKWR6Gd_LI25W_F3Y0VGMt5VJVQMHmegZrJLMNRvwGx7P-skcSpFcQ9nBvDz5t5uJN3D0xaO_Zh4nnJ7s8guanV3HFkU520sfGVrWkIyg461gJMPATb2GRE_sr9E8NX_O2oZiiHvUtmpVA5Fo7uiIcd9awGw&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe5lbv3KWZaSAHPGooPMPksuP0Aecge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzEwOTg2NDI1OTM0ODkzOMgBBagDAcgDAqoE3gFP0A1aCrFU7mb3cGNkbooRz7cT6rZlrFG07NI4dvlfz6ZSw25y7CtBESk2aQUYyl00XDUjssmoEGrAs90Rnzzs_Hv4HF7ykLvNpr8Ki0S5w9Nc0bpKw66xskrD9EnMaJS-Q_Hl3n5tLIdYAaxnQVRbkI9lsw2wTfRuDZVBbp5eQadmSBWRrzVIKkQmlHm3pmUR_b5ZY_ZnmNbpLIIMpecqSeBQP5CoLjG6bFAfoyac918C7AsBbvdif2poEJ9mES2gO5iTLioGD7ChEBPHWqOG1VpXgAkb4wOsSJL36SmABrmp3cLv29aGhgGgBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYxcOnw67DgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Wl15O2b73L53Sy1ODVjZypE8C7w%26client%3Dca-pub-7109864259348938%26adurl%3D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
66d1b585057f103f08fa719768fed142f6d5b77310e9ce1eee61407b7aac5f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5135301
pragma
no-cache
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/xml
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
vary
Origin,Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires
Mon, 26 Jul 1997 05:00:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 0777 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 14:25:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
66640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:25:52 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6F4C 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:04:03 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0777 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 22:43:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36764
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:43:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0777 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 22:43:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
36767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:43:45 GMT
5128509149857274083
tpc.googlesyndication.com/simgad/ Frame 0777 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5128509149857274083?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkb5ooUfEmYKbWK5Kg7Y_PUih1QUw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4ce995c16b61adea437bc4157c1e83c76af2703adaaf625cd7062b525e89afb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 05:02:11 GMT
x-content-type-options
nosniff
age
14061
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29611
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 16:54:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 03 Jan 2025 05:02:11 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0777 		204 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:34 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0777 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 20:38:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
44263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
server
cafe
etag
15202890134401013038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 20:38:49 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501995322332064&correlator=4100646332312364&eid=31077976%2C31079926%2C31080177&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=20842576%3A116518301%2CIN44NM%2CIN44NM-DDS.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=7&didk=3353522815&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dff689ee3342bc18d%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MZvSrC7lDcE9PzK2W6a9zOb19zA7A&gpic=UID%3D00000db0c34d1526%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MYhJVJshTboyLXZGTfnUVrZ8N-1Yg&abxe=1&dt=1704358592103&lmt=1704287131&adxs=1015&adys=129&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=1600&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYgfnAnc0xSABSAghkEjsKCnB1YmNpZC5vcmcSJGRmYzg0NDJjLTZlMmMtNDRhNC05ODkzLThiNGQwODEwYTE0ZRiW-sCdzTFIABIdCg5lc3AuY3JpdGVvLmNvbRiB-cCdzTFIAFICCGQSFwoIcnRiaG91c2UYgfnAnc0xSABSAghkEj4KBW9wZW54EixleUpwSWpvaVIyOUpWMEpFV1ZGU05HMUJXV3RzWTFvM1JETjZVVDA5SW4wPRiD_MCdzTFIABIZCgp1aWRhcGkuY29tGIH5wJ3NMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y8vvAnc0xSABSAghq&dlt=1704358590346&idt=1247&prev_scp=pos%3D1%26monu%3D300x250_A1%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3D_notchrome_10.00%26context%3D8__notchrome%26browser_hour_refresh%3Dundefined_8_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dtrue%26iabCategory%3D266%26url%3Dduperb-shop.ngontinh24.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=4276375253&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db5cbcada68a8d860320ba859874a5826ecc9079d803e8cdc2746270393f614d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21201
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 579F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
Fri, 03 Jan 2025 08:56:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 9624 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=676577707&adf=3215562993&pi=t.ma~as.3925753591&w=1200&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=1200x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591005&bpp=2&bdt=658&idt=372&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 07:45:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jan 2024 08:56:32 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9624 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=676577707&adf=3215562993&pi=t.ma~as.3925753591&w=1200&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=1200x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591005&bpp=2&bdt=658&idt=372&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 14:56:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
64783
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:56:49 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 9624 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=676577707&adf=3215562993&pi=t.ma~as.3925753591&w=1200&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=1200x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591005&bpp=2&bdt=658&idt=372&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 14:25:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
66640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:25:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9624 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=676577707&adf=3215562993&pi=t.ma~as.3925753591&w=1200&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=1200x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591005&bpp=2&bdt=658&idt=372&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 22:43:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36764
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:43:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9624 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=676577707&adf=3215562993&pi=t.ma~as.3925753591&w=1200&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=1200x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591005&bpp=2&bdt=658&idt=372&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 22:43:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
36767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:43:45 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9624 		204 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=676577707&adf=3215562993&pi=t.ma~as.3925753591&w=1200&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=1200x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591005&bpp=2&bdt=658&idt=372&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:34 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 9624 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=676577707&adf=3215562993&pi=t.ma~as.3925753591&w=1200&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=1200x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591005&bpp=2&bdt=658&idt=372&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
410501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 29 Mar 2024 14:54:51 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		75 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501995322332064&correlator=3404982874636766&eid=31077976%2C31079926%2C31080177&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=20842576%3A116518301%2CIN44NM%2CIN44NM-DDR.D&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=8&didk=2997991039&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dff689ee3342bc18d%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MZvSrC7lDcE9PzK2W6a9zOb19zA7A&gpic=UID%3D00000db0c34d1526%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MYhJVJshTboyLXZGTfnUVrZ8N-1Yg&abxe=1&dt=1704358592130&lmt=1704287131&adxs=-322&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=1600&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYgfnAnc0xSABSAghkEjsKCnB1YmNpZC5vcmcSJGRmYzg0NDJjLTZlMmMtNDRhNC05ODkzLThiNGQwODEwYTE0ZRiW-sCdzTFIABIdCg5lc3AuY3JpdGVvLmNvbRiB-cCdzTFIAFICCGQSFwoIcnRiaG91c2UYgfnAnc0xSABSAghkEj4KBW9wZW54EixleUpwSWpvaVIyOUpWMEpFV1ZGU05HMUJXV3RzWTFvM1JETjZVVDA5SW4wPRiD_MCdzTFIABIZCgp1aWRhcGkuY29tGIH5wJ3NMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y8vvAnc0xSABSAghq&dlt=1704358590346&idt=1247&prev_scp=pos%3D4%26monu%3D300x250-160x600-300x600_A4%26slotNum%3D1%26placementNum%3D1%26directDeals%3Dsticky_pillar%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D8__notchrome%26browser_hour_refresh%3Dundefined_8_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dtrue%26iabCategory%3D266%26url%3Dduperb-shop.ngontinh24.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3118109403&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5e3a3028818d6c1e6a39fb5e8cde0f00341d2a7aed2bf95e35b5630d313bff7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30372
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		77 KB
35 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501995322332064&correlator=3010130789367658&eid=31077976%2C31079926%2C31080177&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=20842576%3A116518301%2CIN44NM%2CIN44NM-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=9&didk=2824074649&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dff689ee3342bc18d%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MZvSrC7lDcE9PzK2W6a9zOb19zA7A&gpic=UID%3D00000db0c34d1526%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MYhJVJshTboyLXZGTfnUVrZ8N-1Yg&abxe=1&dt=1704358592148&lmt=1704287131&adxs=1015&adys=563&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=1600&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYgfnAnc0xSABSAghkEjsKCnB1YmNpZC5vcmcSJGRmYzg0NDJjLTZlMmMtNDRhNC05ODkzLThiNGQwODEwYTE0ZRiW-sCdzTFIABIdCg5lc3AuY3JpdGVvLmNvbRiB-cCdzTFIAFICCGQSFwoIcnRiaG91c2UYgfnAnc0xSABSAghkEj4KBW9wZW54EixleUpwSWpvaVIyOUpWMEpFV1ZGU05HMUJXV3RzWTFvM1JETjZVVDA5SW4wPRiD_MCdzTFIABIZCgp1aWRhcGkuY29tGIH5wJ3NMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y8vvAnc0xSABSAghq&dlt=1704358590346&idt=1247&prev_scp=pos%3D2%26monu%3D300x250-160x600-300x600_A2%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3D_notchrome_10.00%26context%3D8__notchrome%26browser_hour_refresh%3Dundefined_8_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dtrue%26iabCategory%3D266%26url%3Dduperb-shop.ngontinh24.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1287942552&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b485828ec0e76f938fce17ee7ba57345017910bacf147cf77be7c58e724a3bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35871
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F8ED 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
575d691dce5bb26b10eff6b57252d0df26fb3107ce8ab81718fcf9486e462ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501995322332064&correlator=379248707521746&eid=31077976%2C31079926%2C31080177&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=20842576%3A116518301%2CIN44NM%2CIN44NM-DDS.D&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=10&didk=1847662068&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dff689ee3342bc18d%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MZvSrC7lDcE9PzK2W6a9zOb19zA7A&gpic=UID%3D00000db0c34d1526%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MYhJVJshTboyLXZGTfnUVrZ8N-1Yg&abxe=1&dt=1704358592163&lmt=1704287131&adxs=8&adys=730&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYgfnAnc0xSABSAghkEjsKCnB1YmNpZC5vcmcSJGRmYzg0NDJjLTZlMmMtNDRhNC05ODkzLThiNGQwODEwYTE0ZRiW-sCdzTFIABIdCg5lc3AuY3JpdGVvLmNvbRiB-cCdzTFIAFICCGQSFwoIcnRiaG91c2UYgfnAnc0xSABSAghkEj4KBW9wZW54EixleUpwSWpvaVIyOUpWMEpFV1ZGU05HMUJXV3RzWTFvM1JETjZVVDA5SW4wPRiD_MCdzTFIABIZCgp1aWRhcGkuY29tGIH5wJ3NMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y8vvAnc0xSABSAghq&dlt=1704358590346&idt=1247&prev_scp=pos%3D4%26monu%3D160x600_B4%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3D_notchrome_10.00%26context%3D8__notchrome%26browser_hour_refresh%3Dundefined_8_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dtrue%26iabCategory%3D266%26url%3Dduperb-shop.ngontinh24.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=932655064&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e6d41d584bfb483f312989c2f6e973fc6c5e30d644e8f46b4d5243811619b31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12606
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 1D80
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-...
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-...
407 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&dcc=t
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
7f011ccdb2ca1d8157d43d67d4f8c21f9c6c04b9127a391def4ab1906a22cb64
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
407
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 04 Jan 2024 08:56:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
HZ66TERNM06REG7K6HZC

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 04 Jan 2024 08:56:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
EXW9TX49Y83RW24620CV
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501995322332064&correlator=2148803713364154&eid=31077976%2C31079926%2C31080177&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=20842576%3A116518301%2CIN44NM%2CIN44NM-DDH.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=11&didk=2360857655&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dff689ee3342bc18d%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MZvSrC7lDcE9PzK2W6a9zOb19zA7A&gpic=UID%3D00000db0c34d1526%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MYhJVJshTboyLXZGTfnUVrZ8N-1Yg&abxe=1&dt=1704358592177&lmt=1704287131&adxs=222&adys=523&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&vis=1&psz=728x0&msz=728x0&fws=4&ohw=1600&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYgfnAnc0xSABSAghkEjsKCnB1YmNpZC5vcmcSJGRmYzg0NDJjLTZlMmMtNDRhNC05ODkzLThiNGQwODEwYTE0ZRiW-sCdzTFIABIdCg5lc3AuY3JpdGVvLmNvbRiB-cCdzTFIAFICCGQSFwoIcnRiaG91c2UYgfnAnc0xSABSAghkEj4KBW9wZW54EixleUpwSWpvaVIyOUpWMEpFV1ZGU05HMUJXV3RzWTFvM1JETjZVVDA5SW4wPRiD_MCdzTFIABIZCgp1aWRhcGkuY29tGIH5wJ3NMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y8vvAnc0xSABSAghq&dlt=1704358590346&idt=1247&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26bidder_responseTime%3Dsynacormedia_400%26auction_id%3De736b74b-806f-4453-838f-acf49a3e8544%26monu_df%3D0.01%26safeframe%3Dfalse%26bid_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_adid%3D25798afc090b1137%26hb_bidder%3Dsynacormedia%26amznbid%3D2%26amznp%3D2%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Ddf%26provider_performance%3Dsynacormedia_notchrome_0.01%26context%3D8__notchrome%26browser_hour_refresh%3Dundefined_8_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dtrue%26iabCategory%3D266%26url%3Dduperb-shop.ngontinh24.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=891648550&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdf2b172ac40e0296a41ad02c9b84fb955e9f43391c4894c23ce0289e26de6ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20954
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
5de94f19-0f3b-ea37-eb63-9741fcc00979
pr-bh.ybp.yahoo.com/sync/openx/ Frame 5999 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/5de94f19-0f3b-ea37-eb63-9741fcc00979?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:6096:7d74:cf85:e5f3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 5999
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=91f85520-833d-c384-1aba-03236ba40fd0
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=91f85520-833d-c384-1aba-03236ba40fd0&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=91f85520-833d-c384-1aba-03236ba40fd0&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KXYF323266WMRQSJEKB3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H1JNVCH921R9K0H167WC
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=91f85520-833d-c384-1aba-03236ba40fd0&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5999
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=c92e295d-9f97-787e-dab4-81b40397c430&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=c92e295d-9f97-787e-dab4-81b40397c430&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&ttd_puid=c92e295d-9f97-787e-dab4-81b40397c430&gdpr=0&gdpr_consent=
43 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&ttd_puid=c92e295d-9f97-787e-dab4-81b40397c430&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&ttd_puid=c92e295d-9f97-787e-dab4-81b40397c430&gdpr=0&gdpr_consent=
date
Thu, 04 Jan 2024 08:56:32 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 5999 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTU0MWZhOTctNTZlMC0yNmRhLWNmNTQtZGIwZGM5NzUwYTUw
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5999
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECPee7GfZeJJiR3s47NfK08&google_cver=1
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECPee7GfZeJJiR3s47NfK08&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECPee7GfZeJJiR3s47NfK08&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=4.758780094437335
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-QZYJWTfT7szzE0haPu2mww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-QZYJWTfT7szzE0haPu2mww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=5.72090597772768
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-OLgF9kj-V9OiXs9EWef8pQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-OLgF9kj-V9OiXs9EWef8pQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
data=jGNDyV4XjQh0ybupqCN1sK9KxKc8PiO2RrQTWHSApT4xmC5t_fAO068t6uT8VDXj8O2kSP2xGWoiMqHVceQmcQ
mts0.google.com/vt/ Frame 9624 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mts0.google.com/vt/data=jGNDyV4XjQh0ybupqCN1sK9KxKc8PiO2RrQTWHSApT4xmC5t_fAO068t6uT8VDXj8O2kSP2xGWoiMqHVceQmcQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=676577707&adf=3215562993&pi=t.ma~as.3925753591&w=1200&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=1200x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591005&bpp=2&bdt=658&idt=372&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
truncated
/ Frame 9624 		297 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9624 		465 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9624 		333 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9624 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501995322332064&correlator=4039375432247280&eid=31077976%2C31079926%2C31080177&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=20842576%3A116518301%2CIN44NM%2CIN44NM-DDA.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=12&didk=4110994414&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dff689ee3342bc18d%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MZvSrC7lDcE9PzK2W6a9zOb19zA7A&gpic=UID%3D00000db0c34d1526%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MYhJVJshTboyLXZGTfnUVrZ8N-1Yg&abxe=1&dt=1704358592232&lmt=1704287131&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABi-_cCdzTFIABI7CgpwdWJjaWQub3JnEiRkZmM4NDQyYy02ZTJjLTQ0YTQtOTg5My04YjRkMDgxMGExNGUYlvrAnc0xSAASHQoOZXNwLmNyaXRlby5jb20YgfnAnc0xSABSAghkEhcKCHJ0YmhvdXNlGIH5wJ3NMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lSMjlKVjBKRVdWRlNORzFCV1d0c1kxbzNSRE42VVQwOUluMD0Yg_zAnc0xSAASGQoKdWlkYXBpLmNvbRiB-cCdzTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPL7wJ3NMUgAUgIIag..&dlt=1704358590346&idt=1247&prev_scp=pos%3D2%26monu%3D728x90_B2%26slotNum%3D1%26placementNum%3D1%26directDeals%3Dsticky_bottom%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D8__notchrome%26browser_hour_refresh%3Dundefined_8_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dtrue%26iabCategory%3D266%26url%3Dduperb-shop.ngontinh24.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3629196272&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
561a913572ba12eebc9fb27ec3ff8877ec3cb9c3253beaf5eaac7cc593a29afe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12405
x-xss-protection
0
google-lineitem-id
6239183429
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138386434142
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=65f682b4-6cfa-41b5-b4ca-fb3e89f95822&a=b.r&u=8ac367b4-1fc1-4e9e-90a8-296aa003810e&d=%7B%22utm%22%3A%7B%7D%7D
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:32:34 GMT
age
2021038
x-guploader-uploadid
ABPtcPpPQr6TC3YJPE3lhVNSlNoZkpl04DlZDfW38OW6us3GJBT_JtXeI7GwBsTqareylkzVeOO3AIDIw8-gA2a2snXi0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:32:34 GMT
csi
csi.gstatic.com/ Frame F8ED 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lqyz3m83&c=177665056126&slotId=88832528063&qqid=COTbp8Ouw4MDFXEUaAgdkuUDeg&fb=outstream-lima&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x19&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1413::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame F8ED 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=78619928&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=404&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 29 Dec 2024 08:56:32 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		135 KB
44 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501995322332064&correlator=1778539957982211&eid=31077976%2C31079926%2C31080177&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=20842576%3A116518301%2CIN44NM%2CIN44NM-DDB.I&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=13&didk=3510166364&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dff689ee3342bc18d%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MZvSrC7lDcE9PzK2W6a9zOb19zA7A&gpic=UID%3D00000db0c34d1526%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MYhJVJshTboyLXZGTfnUVrZ8N-1Yg&abxe=1&dt=1704358592315&lmt=1704287131&adxs=436&adys=45&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&vis=1&psz=728x0&msz=728x0&fws=4&ohw=1600&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABi-_cCdzTFIABI7CgpwdWJjaWQub3JnEiRkZmM4NDQyYy02ZTJjLTQ0YTQtOTg5My04YjRkMDgxMGExNGUYlvrAnc0xSAASHQoOZXNwLmNyaXRlby5jb20YgfnAnc0xSABSAghkEsIBCghydGJob3VzZRKsAUVMYkFpSXN2TW9BczdRcTZLcFNxaHlLUTMzejFCYnlOcVo0QlMwWXdNYVRxRWhTQm5MUUNBT1c5Sk16VEU3WUVraEU4NXA4eXFMTmFSR1pOd3lSaXBVNHdkSVhNNWZXbUs3Ris1R3FIZ0VNSTlwYmpNV1BQS0lhMENQY1BJTXVyUzVBeHducFRnVmdiZURpYkI1dGJxemNQV28vSHZEZGpNdzMxMUVzQWFNWT0Yof7Anc0xSAASPgoFb3BlbngSLGV5SnBJam9pUjI5SlYwSkVXVkZTTkcxQldXdHNZMW8zUkRONlVUMDlJbjA9GIP8wJ3NMUgAEhkKCnVpZGFwaS5jb20YgfnAnc0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjy-8CdzTFIAFICCGo.&dlt=1704358590346&idt=1247&prev_scp=pos%3D9%26monu%3D728x90_A9%26slotNum%3D1%26placementNum%3D1%26directDeals%3Dsticky_header%26allowNative%3Dfalse%26bidder_responseTime%3Dsynacormedia_400%26auction_id%3D59593e80-132f-48df-8a84-ff33e8093e51%26monu_df%3D0.08%26safeframe%3Dfalse%26bid_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_adid%3D258bcaec7333de2c%26hb_bidder%3Dsynacormedia%26amznbid%3D2%26amznp%3D2%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Ddf%26provider_performance%3Dsynacormedia_notchrome_0.08%26context%3D8__notchrome%26browser_hour_refresh%3Dundefined_8_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dtrue%26iabCategory%3D266%26url%3Dduperb-shop.ngontinh24.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1479370235&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a9c6034dfda97a5e75b6066382de459b92db3a6c50cb534a39c2549b0a81601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45031
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
40e07c8bc2294757a602d710dcd4b26b_red-west.mp4
static.criteo.net/design/dt/90094/5198451/ Frame F8ED 		579 KB
580 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/90094/5198451/40e07c8bc2294757a602d710dcd4b26b_red-west.mp4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=78619928&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=404&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
85fe6e0446db20124accfcff669665b9a77df7420a9b32779190a451a2fc9982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 22 Dec 2023 03:47:26 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"658506ce-90da5"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-593316/593317
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
593317
expires
Sun, 29 Dec 2024 08:56:32 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAX8RN661&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 04 Jan 2024 08:56:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
349236
x-guploader-uploadid
ABPtcPoneNYke7fO2kzH0x2YRcqOyFvMbvpKdkHDnNQbhurKfj2gEAJMTj8CoElGm6RQbaLonIYqKBdkTg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCSRbFq6ctriimaIVdt%2FnLdVlxYnYuZwnDYuRN7lvtJXer03ZwmfodNW6Ax75emZvH4gUiN6fHvApCAOuN209Nk1sc%2FB3AdiwDdEoIzH7jYcg7IXz0EIuND41RW%2FrhAV74yXP2tv79zZvVu9tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
840244d28c4009de-MIA
expires
Sun, 31 Dec 2023 08:39:47 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f148.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 Jan 2024 01:31:27 GMT
px.gif
ad-delivery.net/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.4420668709678708
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
349236
x-guploader-uploadid
ABPtcPoneNYke7fO2kzH0x2YRcqOyFvMbvpKdkHDnNQbhurKfj2gEAJMTj8CoElGm6RQbaLonIYqKBdkTg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZieoGqgOrFAPh5Xnnj4PUC5osvQ7APtQRnrnjKTrT%2FIFfxnwopiLVYOQCvEOgdRoZL9ZGY%2BT7ZWwk8%2ByOpokKqcruaMA8nfb9NM6GeIj1wX1E6asxZEKl70SUcThXzIS9zfkFVCIPvtIEOw9Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
840244d28c4109de-MIA
expires
Sun, 31 Dec 2023 08:39:47 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501995322332064&correlator=641367592629076&eid=31077976%2C31079926%2C31080177&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=20842576%3A116518301%2CIN44NM%2CIN44NM-DDS.J&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=14&didk=2589088969&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dff689ee3342bc18d%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MZvSrC7lDcE9PzK2W6a9zOb19zA7A&gpic=UID%3D00000db0c34d1526%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MYhJVJshTboyLXZGTfnUVrZ8N-1Yg&abxe=1&dt=1704358592331&lmt=1704287131&adxs=1432&adys=730&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABi-_cCdzTFIABI7CgpwdWJjaWQub3JnEiRkZmM4NDQyYy02ZTJjLTQ0YTQtOTg5My04YjRkMDgxMGExNGUYlvrAnc0xSAASHQoOZXNwLmNyaXRlby5jb20YgfnAnc0xSABSAghkEsIBCghydGJob3VzZRKsAUVMYkFpSXN2TW9BczdRcTZLcFNxaHlLUTMzejFCYnlOcVo0QlMwWXdNYVRxRWhTQm5MUUNBT1c5Sk16VEU3WUVraEU4NXA4eXFMTmFSR1pOd3lSaXBVNHdkSVhNNWZXbUs3Ris1R3FIZ0VNSTlwYmpNV1BQS0lhMENQY1BJTXVyUzVBeHducFRnVmdiZURpYkI1dGJxemNQV28vSHZEZGpNdzMxMUVzQWFNWT0Yof7Anc0xSAASPgoFb3BlbngSLGV5SnBJam9pUjI5SlYwSkVXVkZTTkcxQldXdHNZMW8zUkRONlVUMDlJbjA9GIP8wJ3NMUgAEhkKCnVpZGFwaS5jb20YgfnAnc0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjy-8CdzTFIAFICCGo.&dlt=1704358590346&idt=1247&prev_scp=pos%3D10%26monu%3D160x600_B10%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3D_notchrome_10.00%26context%3D8__notchrome%26browser_hour_refresh%3Dundefined_8_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dtrue%26iabCategory%3D266%26url%3Dduperb-shop.ngontinh24.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2393718110&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33fc0077fde184e96b9b9f636783b0020b1125ea7004a3cd541e19207d27473c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12590
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6F4C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
Thu, 04 Jan 2024 08:56:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:32 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9624 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5094fc819adc9a6415fc6c55731c8432178ed47a8e29e400e705d4fbe4cc2c88

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0777 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b48d1972b1f3e9a59bb76c8008c061e7a4f579d2cac8e228f083074d4f14bbe4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
AGSKWxXW_wmn8psJsuGgQbRYUgyeWKJ942YfLXQI50J3CN_3RqS7slk4mwfZj2_hth0c5PpaaDxxi7o1x9xSjxQ8OZRBgPPRbHDEJcBfT268rGQ3D8vdebl8YfPzI039o0Ym3eIeXB8bbQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXW_wmn8psJsuGgQbRYUgyeWKJ942YfLXQI50J3CN_3RqS7slk4mwfZj2_hth0c5PpaaDxxi7o1x9xSjxQ8OZRBgPPRbHDEJcBfT268rGQ3D8vdebl8YfPzI039o0Ym3eIeXB8bbQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/am=wA/d=1/rs=AJlcJMyiHPCAyLFmNsmEoAFl7FGwL5Wu8Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Q5tc023gqhA8CYrLho3Vjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-security-policy
script-src 'report-sample' 'nonce-Q5tc023gqhA8CYrLho3Vjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
rules-p-00TsOkvHvnsZU.js
rules.quantcount.com/ Frame 6C93 		160 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:4a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
600296d979650e8cbc41ca2950c1a33de723a6137494a8c80b4a7b9c42b2e61b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:05:10 GMT
via
1.1 fdced9a893123e4285bf6f674dce492c.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
3157
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:56:02 GMT
server
AmazonS3
etag
"1606c77f964fed869c1c52ad7f0e3885"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
X3IxyIGN0cMcbpGlDqu4qZzBKgwLdNwSUhmEmYIMnOA73zygRSDP4Q==
/
load.exelator.com/load/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MWI3OGRkN2I4MWE4NzZiOTczNTExNjk4NDc1MzIwYzY&&google_redir=https://load.exelator.com/load/?p=204&g=109
  • https://load.exelator.com/load/?p=204&g=109
134 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load.exelator.com/load/?p=204&g=109
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
52.26.6.186 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-6-186.us-west-2.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
application/x-javascript;charset=UTF-8
date
Thu, 04 Jan 2024 08:56:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://load.exelator.com/load/?p=204&g=109
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
244
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://idsync.rlcdn.com/397416.gif?partner_uid=1b78dd7b81a876b973511698475320c6
  • https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008LEfQ5zTg_8Mg9jUB7jB0MY02qUaFwfXsfplKJ3Obr9g
44 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008LEfQ5zTg_8Mg9jUB7jB0MY02qUaFwfXsfplKJ3Obr9g
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
2600:9000:269f:9400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
via
1.1 a6f2e7c3dd76750ec70d32e7fcf09838.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
HpkhDeoKKaKq7Ir55UaApwfyAr4ic7X8DllJCZ33OyPEKe5uCpYt-A==
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

date
Thu, 04 Jan 2024 08:56:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008LEfQ5zTg_8Mg9jUB7jB0MY02qUaFwfXsfplKJ3Obr9g
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dcm
s.amazon-adsystem.com/ 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=7be11c9c-3fd1-4409-a016-f23294a75c34&id=1b78dd7b81a876b973511698475320c6
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3195FKG0YBNH25QR76F1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
nmcsync.imrworldwide.com/ 		35 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmcsync.imrworldwide.com/?xuid=1b78dd7b81a876b973511698475320c6
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.72.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-72-183.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=31536000
max-age
0
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
content-type
image/gif
p3p
P3P policyref="http://nmcsync.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
35
expires
0
adsct
analytics.twitter.com/i/ 		43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=1b78dd7b81a876b973511698475320c6&p_id=28539
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time
5
date
Thu, 04 Jan 2024 08:56:31 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
ca2ab08c9f5e00ad
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
755832e85bbe2c38511e2ad2e7502e900f04d1c786768ca6dc5c7a08757d9a23
content-length
43
pr
s.amazon-adsystem.com/v3/ Frame 22EB 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c6178151182261f3a2fadd1830c273059c6d51f9b073f03d33069c7b1d43421c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3916
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 04 Jan 2024 08:56:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
7SF851VK4MD285KFSPT9
ecm3
s.amazon-adsystem.com/ Frame 22EB
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KFAJ1FDSMK7J1RKPPK93
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=
Date
Thu, 04 Jan 2024 08:56:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 22EB
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=c11e053f-b607-4b5d-8ab0-dc58f3d0ecd2&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=c11e053f-b607-4b5d-8ab0-dc58f3d0ecd2&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZSVGJNWW331CMFNYKABX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=c11e053f-b607-4b5d-8ab0-dc58f3d0ecd2&gdpr=0
date
Thu, 04 Jan 2024 08:56:32 GMT
server
_
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 22EB
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1704358592634
  • https://ad.turn.com/r/cs?pid=45&rndcb=2694834854
  • https://sync.1rx.io/usersync/turn/7995778992001487599?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-d414429b-91ca-4e66-977e-78eb...
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KB4CSC0Q0E84N8SWDS2H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005
date
Thu, 04 Jan 2024 08:56:33 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd414429b91ca4e66977e78ebb86b19bc005
content-type
text/html
ecm3
s.amazon-adsystem.com/ Frame 22EB
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=331d97c4aa
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=331d97c4aa
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QCMTW4P1YDTNY5Q3DF3W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 04 Jan 2024 08:55:36 GMT
via
1.1 19d1514f5f81da4dca6349d0f75a352c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
56
x-cache
Hit from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=331d97c4aa
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
wEN54XRDCh0WKt4HKk7je7RfvNuP01_HKPq4oKHqc5w1V6EADH7tMQ==
/
onetag-sys.com/match/ Frame 22EB 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 22EB
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=42D3FF6D47FB4FDCBA093AD588E3B0A1&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=42D3FF6D47FB4FDCBA093AD588E3B0A1&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VMSZW6J4WJGDWSWEF7RG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=42D3FF6D47FB4FDCBA093AD588E3B0A1&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 03 Jan 2024 08:56:32 GMT
ecm3
s.amazon-adsystem.com/ Frame 22EB
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded221a01ed952t9qag00lqyz3mox
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded221a01ed952t9qag00lqyz3mox
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4N7WXBCK1GE956FNBY9C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 04 Jan 2024 08:56:32 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded221a01ed952t9qag00lqyz3mox
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame 22EB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0&s=2
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=oaPM0sJO2eiGBZGXbFb6&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=oaPM0sJO2eiGBZGXbFb6&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KXSDTE8MK5E4ZA6YB6E3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=oaPM0sJO2eiGBZGXbFb6&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Expires
Thu, 01 Dec 1994 16:00:00 GMT
amzns2s
rtb.gumgum.com/usync/ Frame 884C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
584eb609b4547f7250cff10a80733c4b88ff46f8d62e9f64bc7414c66363c4a5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 04 Jan 2024 08:56:32 GMT
etag
W/"034983ea0327a5c5142288876619ff126"
server
nginx
timing-allow-origin
*
cm
u.openx.net/w/1.0/ Frame 7486 		867 B
830 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c16b2923f5d2b5db11044bf02b7ce094138a01a1d15f5adc365bdb9e8ddd3b93

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
527
content-type
text/html
date
Thu, 04 Jan 2024 08:56:32 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame E28D
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3011296250024499263&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3011296250024499263&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
K2E5TFNHZ064BW01A2JS

Redirect headers

content-length
0
date
Thu, 04 Jan 2024 08:56:31 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3011296250024499263&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame E668
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=ee28081dc141859df3e9c39bf89f63cf&name=AMAZON&url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadyoulike.com%26id%3D%7BuserId%7D&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=d5bc226a1bc13e0585575a375e2ac5e5
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=d5bc226a1bc13e0585575a375e2ac5e5
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
5GSA5T6QQGANN0YM98FJ

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=d5bc226a1bc13e0585575a375e2ac5e5
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
4
/
match.sharethrough.com/jwumXNuB/v1/ Frame E4C2 		548 B
734 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.135.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-135-200.compute-1.amazonaws.com
Software
/
Resource Hash
6bc49fa1116e0d6bf08ad0569e8af2504609cf54b31eb5768a3067e8e0daccda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
548
date
Thu, 04 Jan 2024 08:56:32 GMT
usync.html
eus.rubiconproject.com/ Frame 4DBF 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 08:56:32 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame B724
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
849 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
9c0d8412dcaa1724b257d62e0add98a0db7d894babef6c106799ebabbfd2fe12
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
849
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-5b8764964b-rrwsw
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-5b8764964b-rrwsw
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 8209
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fid%3D%2524UID%26ex%3Dappnexus.com%26gdpr%3D0
  • https://s.amazon-adsystem.com/ecm3?id=636979850693708765&ex=appnexus.com&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=636979850693708765&ex=appnexus.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1MK3EGNYN60SJCKAZ53B

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
672aa052-0a73-4db0-95e3-a6eb4fec7de3
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=636979850693708765&ex=appnexus.com&gdpr=0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 1CC4
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2470123173329690347838
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2470123173329690347838
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CP8TYWYK36XCJRWZ8ZYK

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 04 Jan 2024 08:56:32 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2470123173329690347838
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 1F44 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 18:02:45 GMT
age
53627
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 18:02:45 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1F44 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 22:45:54 GMT
age
36638
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 22:45:54 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1F44 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 19:07:48 GMT
age
49724
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 19:07:48 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1F44 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 18:02:45 GMT
age
53627
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 18:02:45 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1F44 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 20:40:25 GMT
age
44167
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 20:40:25 GMT
truncated
/ Frame 1F44 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d47e3001d9ff9d8536d41200b7eba52d7858ebfba160152ccee7162d24351fe

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
pixel
protected-by.clarium.io/ 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MTYweDYwMA==&v=5&s=v31hj9r0g1k&h=duperb-shop.ngontinh24.com&cb=1333928&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNVFl3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMTYwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDExNjUxODMwMS9JTjQ0Tk0vSU40NE5NLUREUy5EIiwieSI6NTY1NDk2LCJjbyI6MCwicyI6Im1tdC04MjdmYzhlMC04MmZmLTQ2OTAtODNjMy1kMjM4MGM3NTI0YmJfMV8xX2FkIn19
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-254-41.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
17469995450068801122
tpc.googlesyndication.com/simgad/ Frame 1F44 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17469995450068801122?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnG50e4yyzPwiHyxs9oHCtRG5Ni6w
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf68a8424e11b53face94023607c7c981ecdb60345bcb0e44205d6b8c13d57b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 05:34:41 GMT
x-content-type-options
nosniff
age
12111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42519
x-xss-protection
0
last-modified
Fri, 29 Dec 2023 10:38:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 03 Jan 2025 05:34:41 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1F44 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 23:07:11 GMT
x-content-type-options
nosniff
server
cafe
age
35361
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 04 Jan 2024 23:07:11 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1F44 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 18:57:20 GMT
x-content-type-options
nosniff
server
cafe
age
50352
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 04 Jan 2024 18:57:20 GMT
l
www.google.com/ads/measurement/ Frame 1F44 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTzEqbr0IggfG61dC4ZSSKtrfiuIQEc_z0mZeW8EevhShw_n9C6sT3HYsdVPPjC2NsFG5_X0WgEqRH_wZdAe_Yd1DH10A
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::67 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=65f682b4-6cfa-41b5-b4ca-fb3e89f95822&a=p.f.i&u=IN44NM&d=%7B%22c%22%3A%22US%22%2C%22r%22%3A%22%22%2C%22p%22%3A%22%2F%22%7D
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:32:34 GMT
age
2021038
x-guploader-uploadid
ABPtcPpPQr6TC3YJPE3lhVNSlNoZkpl04DlZDfW38OW6us3GJBT_JtXeI7GwBsTqareylkzVeOO3AIDIw8-gA2a2snXi0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:32:34 GMT
ecm3
s.amazon-adsystem.com/ Frame 7486 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=91f85520-833d-c384-1aba-03236ba40fd0&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3S7S2P84B2YPGGX8Q4CA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58294/ Frame 7486 		0
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=e7eaaad4-47fd-4237-8993-40be94343059
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame 7486
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=9ce8563b-52d0-4e1e-85cd-01473a0ca5e8
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9ce8563b-52d0-4e1e-85cd-01473a0ca5e8
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9ce8563b-52d0-4e1e-85cd-01473a0ca5e8
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=9ce8563b-52d0-4e1e-85cd-01473a0ca5e8
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 7486
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=636979850693708765
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=636979850693708765
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
an-x-request-uuid
56805afe-f5a9-41fe-a4c4-b85b2e2d2891
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=636979850693708765
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7486
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7851663803925631727&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7851663803925631727&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7851663803925631727&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ny75r2x0
sync-tm.everesttech.net/upi/pid/ Frame 7486 		0
0
usersync
usersync.gumgum.com/ Frame 884C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=636979850693708765
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=636979850693708765
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
an-x-request-uuid
84c472fa-d378-4873-b0aa-7c881b0f6b2e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=636979850693708765
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 884C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_8bed7d1c-5dd7-43d8-8f1e-2e8476222813&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_8bed7d1c-5dd7-43d8-8f1e-2e8476222813&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=gumgum2&bsw=97c6f5a2-cd54-4303-8f86-b973f7a4e46c
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=gumgum2&bsw=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=Y2VmMDEyOTdkODUwN2Q&gdpr=0&gdpr_consent=&us_privacy=&ssp=gumgum2&bsw_param=97c6f5a2-cd54-4303-8f86-b973f7a4e46c
  • https://usersync.gumgum.com/usersync?b=bsw&i=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&us_privacy=
Date
Thu, 04 Jan 2024 08:56:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 884C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=3e138d2d-b782-4028-bdcf-9159cbc7c576
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=3e138d2d-b782-4028-bdcf-9159cbc7c576
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=3e138d2d-b782-4028-bdcf-9159cbc7c576
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 884C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-ef956d8e-f409-5138-7252-8d79ad66eee1$ip$38.132.118.68
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-ef956d8e-f409-5138-7252-8d79ad66eee1$ip$38.132.118.68
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-ef956d8e-f409-5138-7252-8d79ad66eee1$ip$38.132.118.68
Date
Thu, 04 Jan 2024 08:56:32 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 884C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-XjiGXexE2peIIS6ty1lHdGWK7xuG8diznsAb~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-XjiGXexE2peIIS6ty1lHdGWK7xuG8diznsAb~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-XjiGXexE2peIIS6ty1lHdGWK7xuG8diznsAb~A
content-length
0
usersync
usersync.gumgum.com/ Frame 884C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f
Date
Thu, 04 Jan 2024 08:56:32 GMT
Connection
keep-alive
X-CI-RTID
29cab2aa-8732-4a9c-9493-0ae724172735
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 884C 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 04 Jan 2024 08:56:32 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 884C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_8bed7d1c-5dd7-43d8-8f1e-2e8476222813&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=u_8bed7d1c-5dd7-43d8-8f1e-2e8476222813&s=2&us_privacy=
  • https://usersync.gumgum.com/usersync?b=zem&i=oaPM0sJO2eiGBZGXbFb6&gdpr=0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=oaPM0sJO2eiGBZGXbFb6&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=oaPM0sJO2eiGBZGXbFb6&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
103
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 884C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=shPoxOvphQY2&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=shPoxOvphQY2&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=shPoxOvphQY2&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-gskrr
expires
-1
usersync
usersync.gumgum.com/ Frame 884C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3011296250024499263
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3011296250024499263
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3011296250024499263
date
Thu, 04 Jan 2024 08:56:31 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 884C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_8bed7d1c-5dd7-43d8-8f1e-2e8476222813
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KHW2MA5TVA8XRHA8TFHH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F8ED 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CNZYgv3KWZaSAHPGooPMPksuP0Aecge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItNzEwOTg2NDI1OTM0ODkzOMgBBagDAaoE2wFP0A1aCrFU7mb3cGNkbooRz7cT6rZlrFG07NI4dvlfz6ZSw25y7CtBESk2aQUYyl00XDUjssmoEGrAs90Rnzzs_Hv4HF7ykLvNpr8Ki0S5w9Nc0bpKw66xskrD9EnMaJS-Q_Hl3n5tLIdYAaxnQVRbkI9lsw2wTfRuDZVBbp5eQadmSBWRrzVIKkQmlHm3pmUR_b5ZY_ZnmNbpLIIMpecqSeBQP5CoLjG6bFAfoyac918C7AsBbrVgX_iurXQcmMaf7xSqyY63AJioPgsDwVD8XJPpniUDYsc4cXWABrmp3cLv29aGhgGgBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYxcOnw67DgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzEwOTg2NDI1OTM0ODkzOBgA&sigh=1MFx4nVCARE&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_0KxryPIKqo-LKvd2ANist7H9EMUXq8UjJbIvWSn16KSE9KPiDp3sxgB5UAoK04zlbv58TMxCUkIEtxF-rzdpWLSKs_VrF3gbyBgB&vt=10&cbvp=2&vis=1
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=78619928&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=404&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=407
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 04 Jan 2024 08:56:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
container.html
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2772 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
Fri, 03 Jan 2025 08:56:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D4B8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
Fri, 03 Jan 2025 08:56:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 18C5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=3718888275283899047&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=3718888275283899047&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=3718888275283899047&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 08FC 		170 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84YmVkN2QxYy01ZGQ3LTQzZDgtOGYxZS0yZTg0NzYyMjI4MTM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4F1D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.120.208 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-120-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=130869
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
Fri, 05 Jan 2024 21:17:41 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 40A3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:32 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Thu, 04 Jan 2024 08:56:32 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
server
Kestrel
usersync
usersync.gumgum.com/ Frame 07F6
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZZywcCo5ukAAG3uQjIAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZZZywcCo5ukAAG3uQjIAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 04 Jan 2024 08:56:33 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZZZywcCo5ukAAG3uQjIAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad389.dc4p.scaleout.jp
X-SO-IP
38.132.118.68
X-SO-Key
ZZZywcCo5ukAAG3uQjIAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.68","key":"ZZZywcCo5ukAAG3uQjIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad389"}
X-SO-LB-Hostname
a-tgng40018.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad389
usersync
usersync.gumgum.com/ Frame 212C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=gVXHfCgGgQqeNbFHmIzn3tA36R2nBpmyXgt9ywnHj5g&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=gVXHfCgGgQqeNbFHmIzn3tA36R2nBpmyXgt9ywnHj5g&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 04 Jan 2024 08:56:33 GMT Thu, 04 Jan 2024 08:56:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=gVXHfCgGgQqeNbFHmIzn3tA36R2nBpmyXgt9ywnHj5g&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame DBA8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 08:56:32 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 04 Jan 2024 08:56:32 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
container.html
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3D46 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
Fri, 03 Jan 2025 08:56:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 4DBF 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71926
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:55:18 GMT
ecm3
s.amazon-adsystem.com/ Frame E4C2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=d47d5a5d-7b3c-413f-a3f9-885860ad57ae
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6BNQKMAT7ZE1W66A8FSZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame E4C2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
107.23.135.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-135-200.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=
date
Thu, 04 Jan 2024 08:56:32 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame E4C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZDQ3ZDVhNWQtN2IzYy00MTNmLWEzZjktODg1ODYwYWQ1N2Fl
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
107.23.135.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-135-200.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame E4C2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/sharethrough/d47d5a5d-7b3c-413f-a3f9-885860ad57ae?gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=BVbSRuzbUWjBEF6bQrmLHKkX&source_user_id=y-XCASMiRE2oPvbFyMsj9KD6SpuO838uo.FKSkjo2ytU6z~A
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=BVbSRuzbUWjBEF6bQrmLHKkX&source_user_id=y-XCASMiRE2oPvbFyMsj9KD6SpuO838uo.FKSkjo2ytU6z~A
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
107.23.135.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-135-200.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://match.sharethrough.com/sync/v1?source_id=BVbSRuzbUWjBEF6bQrmLHKkX&source_user_id=y-XCASMiRE2oPvbFyMsj9KD6SpuO838uo.FKSkjo2ytU6z~A
content-length
0
monumetric
monumetric.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://duperb-shop.ngontinh24.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-max-age
86400
date
Thu, 04 Jan 2024 08:56:32 GMT
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 9FB8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnKmQqV9CzrpU--prhS_SQ55bdudSUf7NHviPczZnDVB08By7KuzBKAYbzhekfpf04UyeVvQEawNXedqD5UTAWn6quM-6gW4D9N3qWeyTYVuGOvtdYKXNHzx7O8f-T82EMs-CdAVVxr7jTMIx7jsI0q541Ux036aTU2ccodDrH9-677yEGll0JgexrX3fAjoxLd2VHR1jznkrig-siIRVRDHxYAvUjguI7P0rksbTYvEjTgaj3sawy79-5-nAOiE1fmq8XiX1mbAI7YnPJwyNK7nhto909swoiUwmmqZD6SBpHd-ILXyFDjD0T5Hh5jY_scaa0niCxgbXqSxUDUXPWmas9BLORhYCPpvNIWItBnxOX08azUwa7EUnsNNeSz5s40v6SSOab_IsjF0R2qX0p41EwYIH_&sai=AMfl-YSrLfqTNiGlI0Z6KbxCmhDmohpkWzIddP2M5yYpl6oR2vxKr3FcMue2BWB-PkNy6mqNZNddpVvkacRBZI6yhoViKN_E7VkvapMEDnpIHH-OVQfRgM9zrjMKH_ULB70&sig=Cg0ArKJSzK9vG662Ovx_EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
infolinks_main.js
resources.infolinks.com/js/ Frame 9FB8 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
394517d77483c46884657d0078294783faab34398b9d9bb31e6acc754fecdc4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 04 Jan 2024 07:28:52 GMT
server
cloudflare
age
5257
etag
W/"107f-60e19aef28d13"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
840244d5596e5c64-MIA
expires
Thu, 04 Jan 2024 08:28:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9FB8 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62553
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:32 GMT
pixel
protected-by.clarium.io/ Frame 9FB8 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzMxNjQyNTI1MzI6NzI4eDkw&v=5&s=v31hj9r0g88&id=eyJkZnAiOnsiYWQiOjQ5OTY4NzQzMTQsImMiOjEzODM4NjQzNDE0MiwibCI6NjIzOTE4MzQyOSwibyI6MzE2NDI1MjUzMiwiQSI6Ii8yMDg0MjU3NiwxMTY1MTgzMDEvSU40NE5NL0lONDROTS1EREEuQiIsInkiOjAsImNvIjowLCJzIjoibW10LTQyNThhZmVhLTk2MGYtNDE5YS05Y2QzLWQ5YjM5NDM3NDIyMF8xXzFfYWQifX0%3D&cb=1957476&h=duperb-shop.ngontinh24.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6TXhOalF5TlRJMU16STZOekk0ZURrdyIsIndkIjp7Im8iOjMxNjQyNTI1MzIsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-254-41.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
95 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
0f2bd4f3954b609193501dd956d7c1424d03231f0fef87c7fe67c7056c2bd22e

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
fastlane.json
fastlane.rubiconproject.com/a/api/ 		487 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!monumetric.com,fdd82422-8575-448e-84fe-fa092518ca2d,1,,,&eid_pubcid.org=dfc8442c-6e2c-44a4-9893-8b4d0810a14e%5E1&rf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.domain=duperb-shop.ngontinh24.com&tg_i.page=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tg_i.cat=239%2C264%2C266&tg_i.cattax=6&tg_i.id=fdd82422-8575-448e-84fe-fa092518ca2d&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDA.B%23anchor-2&tk_flint=pbjs_lite_v8.12.0&x_source.tid=5faf7e76-fc0f-4387-b7b4-1457ac715a13&l_pb_bid_id=26253c4b067ee3bb&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=7348c236-2ba5-485c-8f6e-ef7cb289726a&rp_maxbids=1&p_gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDA.B%23anchor-2&slots=1&rand=0.20060876142585293
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
29cc7242b9a11672bad51ea49dac7f23b732c2f2527048f2f329df9b1a16f23e

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
487
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
703 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
an-x-request-uuid
1e509452-f27e-4f19-b045-f4ae1df12c62
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		181 B
707 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&PageReferrer=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&CanonicalUrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
082eb8d994b05bcfa7551011745f5b48c386941970c98e59b8dcaa958ec5bb8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
77
content-length
181
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/ 		0
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.182.176.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:33 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		85 B
438 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.213.2.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-2-212.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
89ba74998680d8b731949527f57d7f5d55664588268fb87db0a3c2a81d98ab5f

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
c
prebid.a-mo.net/a/ 		1 KB
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
1255a9bb3534a8a652b599cc3b740977e61fe5cad7fb24d6531f7ffe44b7ecc0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
content-length
498
imp
g2.gumgum.com/hbid/ 		1 KB
1012 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704358592789&to=600&aun=mmt-4258afea-960f-419a-9cd3-d9b394374220_1_2_ad&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&gpid=%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDA.B%23anchor-2&pv=75c5cf24-446c-42d5-9a69-459cc20eb95c&t=f1wmpn59&pi=2&uspConsent=1---&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=null&ns=9318
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.125.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-125-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5aff957d24ab17b48f7ad5c561739947d84e77d9d4ea338e5611472bcb458054

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
translator
hbopenbid.pubmatic.com/ 		0
68 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v2
e.serverbid.com/api/ 		16 B
225 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
prebid
prebid.media.net/rtb/ 		353 B
282 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
01f5fbd177632d79bc7a319df80fbef8f76c23b20984662d9ce9f40115514edd

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 08:56:32 GMT
trinity.json
apex.go.sonobi.com/ 		766 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2228297709c1b3e355%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDA.B%23anchor-2%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&s=8c684513-2a75-4824-af16-1fdaf11b6910&pv=66c2712f-b06b-465c-b06d-64fa524c60a8&vp=desktop&lib_name=prebid&lib_v=8.12.0&us=5&iqid=%7B%22pcid%22%3A%22f10d0cab-1d7e-431b-8707-9fa24e83dcb1%22%2C%22pcidDate%22%3A1704358591279%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%225faf7e76-fc0f-4387-b7b4-1457ac715a13%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22duperb-shop.ngontinh24.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ngontinh24.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fduperb-shop.ngontinh24.com%2F%22%2C%22cat%22%3A%5B%22239%22%2C%22264%22%2C%22266%22%5D%2C%22cattax%22%3A6%2C%22id%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22ip%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22city%22%3A%22%22%2C%22region%22%3A%22%22%2C%22country%22%3A%22US%22%2C%22lat%22%3A37.751%2C%22lon%22%3A-97.822%2C%22type%22%3A2%2C%22accuracy%22%3A1000%2C%22ipservice%22%3A3%2C%22metro%22%3A%22%22%2C%22zip%22%3A%22%22%2C%22tz%22%3A%22America%2FChicago%22%2C%22utcoffset%22%3A300%7D%2C%22devicetype%22%3A2%2C%22js%22%3A1%2C%22langb%22%3A%22en-US%22%2C%22ipv6%22%3A%222001%3A550%3A1d05%3A1%3A%3A11%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
15cc01df1db0756db8c3ff039dce7eebf0b7bfc93f5079d37dc0dfa2c22af640
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:33 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-55
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
453
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
monumetric
monumetric.technoratimedia.com/openrtb/bids/ 		0
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
523415118
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ 		0
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-4258afea-960f-419a-9cd3-d9b394374220_1_2_ad%22%2C%22callback_id%22%3A%2228624cfb55b17bcd%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223076949134012260636%22%2C%22gpid%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDA.B%23anchor-2%22%2C%22tid%22%3A%227348c236-2ba5-485c-8f6e-ef7cb289726a%22%2C%22auctionId%22%3A%225faf7e76-fc0f-4387-b7b4-1457ac715a13%22%7D%5D&page_url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&bust=1704358592793&dnt=false&description=Duperb%20is%20a%20website%20that%20writes%20about%20many%20topics%20of%20interest%20to%20you%2C%20it%27s%20a%20blog%20that%20shares%20knowledge%20and%20insights%20useful%20to%20everyone%20in%20many%20fields.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=Duperb%20-%20An%20Experienced%2C%20Professional%2C%20Authoritative%20And%20Trustworthy%20Website&w=1600&h=1200&pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22fdd82422-8575-448e-84fe-fa092518ca2d%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bid
aax.amazon-adsystem.com/e/dtb/ 		153 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&pid=7YI3xmKddC3b6&cb=8&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-4258afea-960f-419a-9cd3-d9b394374220_1_2_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C116518301%2FIN44NM%2FIN44NM-DDA.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cfdd82422-8575-448e-84fe-fa092518ca2d%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22dfc8442c-6e2c-44a4-9893-8b4d0810a14e%22%7D%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
00a3f73c10915e331aaba84ae3cef19364056d137b90c3573b8079d70b8ee925
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a181621f27665bbfa5459df48eceea5a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
TAVRZ547949YVQAEENW1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
153
x-amz-cf-id
-Eq0XNPmdYjTIItgAIwUR6A6IuJXLlL_cOfbvv4XTzAGnXoV7Hj26w==
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=65f682b4-6cfa-41b5-b4ca-fb3e89f95822&a=s.d&u=4258afea-960f-419a-9cd3-d9b394374220
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:32:34 GMT
age
2021038
x-guploader-uploadid
ABPtcPpPQr6TC3YJPE3lhVNSlNoZkpl04DlZDfW38OW6us3GJBT_JtXeI7GwBsTqareylkzVeOO3AIDIw8-gA2a2snXi0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:32:34 GMT
container.html
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2A02 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
Fri, 03 Jan 2025 08:56:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame A3E0 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 18:02:45 GMT
age
53627
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 18:02:45 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame A3E0 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 22:45:54 GMT
age
36638
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 22:45:54 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame A3E0 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 19:07:48 GMT
age
49724
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 19:07:48 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame A3E0 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 18:02:45 GMT
age
53627
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 18:02:45 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame A3E0 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jan 2024 20:40:25 GMT
age
44167
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Jan 2025 20:40:25 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A3E0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 23:07:11 GMT
x-content-type-options
nosniff
server
cafe
age
35361
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 04 Jan 2024 23:07:11 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A3E0 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 18:57:20 GMT
x-content-type-options
nosniff
server
cafe
age
50352
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 04 Jan 2024 18:57:20 GMT
truncated
/ Frame A3E0 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9c3ecd8479cea14a1f703b8b0afc8d1377a0bf5401611b213eafe2d7fc4dfb4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
pixel
protected-by.clarium.io/ 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MTYweDYwMA==&v=5&s=v31hj9r0gcr&h=duperb-shop.ngontinh24.com&cb=7112146&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNVFl3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMTYwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDExNjUxODMwMS9JTjQ0Tk0vSU40NE5NLUREUy5KIiwieSI6NTY1NDk2LCJjbyI6MCwicyI6Im1tdC0wMTE1ZWJhOC1iNGNlLTQ4MzktYmVlNS1jMjhhMWM5YjE0YzhfMV8xX2FkIn19
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-254-41.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:32 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
4686068214887433510
tpc.googlesyndication.com/simgad/ Frame A3E0 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4686068214887433510?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkYUQoysgqVgY7qezJ96CyN75W7fA
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
553d83f888d1be498dc84d22a1c0cb3d0684a0b39ad29f622a132b789973b165
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 05:33:11 GMT
x-content-type-options
nosniff
age
12201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47930
x-xss-protection
0
last-modified
Fri, 29 Dec 2023 10:38:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 03 Jan 2025 05:33:11 GMT
l
www.google.com/ads/measurement/ Frame A3E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFZL_wX-Fde5jVdUkttE22TrNGrhQiLnzA4Ill9r2brAcHdBo8pWk6ssuTPK21fviDIRcBq464CeFG-PdiN3qNsWeBvQ
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::67 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
container.html
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B803 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
Fri, 03 Jan 2025 08:56:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
nmedianet.js
contextual.media.net/ Frame 2772 		100 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-124-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5645ee60d09acb90af49496f24f9fc59e0c9ef48b4a886791ef6ebdac8dad4f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-mnt-h
21-tp9r
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 04 Jan 2024 08:56:33 GMT
server
Apache
etag
"735b0fc34c26a5206932f3fc91215963"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-s1v0
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
38720
expires
Thu, 04 Jan 2024 09:01:33 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame 2772 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 04 Jan 2024 08:56:33 GMT
x-guploader-uploadid
ABPtcPorgKrolanEvhxtu_ddbKIw0nGlsQjNsgVZjkAV3xGpHceVrHLUsDCpbNTdvC9d2-duLSc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Thu, 04 Jan 2024 09:56:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 2772 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 14:15:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:15:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 2772 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48781
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:32 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2772 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 02:16:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
110423
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Jan 2025 02:16:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2772 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
sffe /
Resource Hash
b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62553
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:33 GMT
pixel
protected-by.clarium.io/ Frame 2772 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31hj9r0gh5&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDExNjUxODMwMS9JTjQ0Tk0vSU40NE5NLURESC5BIiwieSI6NTY1NDk2LCJjbyI6MCwicyI6Im1tdC1kZjY2NDgyNi01YzlhLTQ2ZjEtOTQ3YS01NmYzOTI2M2MzMGRfMV8xX2FkIn19&cb=6292800&h=duperb-shop.ngontinh24.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-254-41.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:33 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame B724
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=Y2UzQ1RvdFA4cmxERGs1Y1NyOERHQQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEGs0s9yzGlsTeFcLW-o4jdI&google_cver=1
49 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEGs0s9yzGlsTeFcLW-o4jdI&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-gskrr
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEGs0s9yzGlsTeFcLW-o4jdI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame B724
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=72b6b5e83ffe076b&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABcSc2fYNPzgNdzP8bAAAAAAA&expiration=1704444993&nuid=&is_secure=true&gdpr_consent=&gdpr=0
49 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABcSc2fYNPzgNdzP8bAAAAAAA&expiration=1704444993&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-gskrr
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:33 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABcSc2fYNPzgNdzP8bAAAAAAA&expiration=1704444993&nuid=&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame B724 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=pGp0OXObzqUD&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YRSS349B7RRGCWN2J35G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame DBA8 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71925
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:55:18 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
286 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
479431784cd5a99432ddae15575e4e43ff45a92baecf651b711c9e71d4154a59
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
style_banner_7fb70a.css
cdn.mediago.io/js/template/style/ Frame D4B8 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.mediago.io/js/template/style/style_banner_7fb70a.css
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-66.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7bd19e369895d795b48995163092e5c40cebba5f4ec268c7540fbefb94caa3f4

Request headers

Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
Origin
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
NDWQk1EMVz7H9N2Kuy078AyiaC_xhnrs
date
Wed, 03 Jan 2024 09:06:29 GMT
via
1.1 f0d805e341a04f5774e9d3de6f38e1e8.cloudfront.net (CloudFront)
last-modified
Wed, 27 Dec 2023 08:15:25 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
85807
x-amz-server-side-encryption
AES256
etag
"bea392c41094f40bf9e3423a01311bf4"
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
3091
x-amz-cf-id
nFP2gBvjShPvo2oWhO2iJbNN1MrclixCEynOvfhIJ73BDdTRgkQDoA==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame D4B8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 14:15:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:15:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame D4B8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48781
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:32 GMT
l
www.google.com/ads/measurement/ Frame D4B8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTFWu8qHkr6roPIIVCWYPpuMcV4jFhx9mfQ-VHlFOlB6ByVSyhJz64Js6UxdTkF4OB-HgjyRXQMRVfa8ti-OEEVk-NfA
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::67 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D4B8 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 02:16:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
110423
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Jan 2025 02:16:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D4B8 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
sffe /
Resource Hash
b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62553
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:33 GMT
pixel
protected-by.clarium.io/ Frame D4B8 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDYwMA==&v=5&s=v31hj9r0gnl&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDExNjUxODMwMS9JTjQ0Tk0vSU40NE5NLUREUi5EIiwieSI6NTY1NDk2LCJjbyI6MCwicyI6Im1tdC0yNmMxNWI4ZS04MDgwLTQ5ODYtOTI0ZS0wNTBjMGYwMjIyZDZfMV8xX2FkIn19&cb=5481329&h=duperb-shop.ngontinh24.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-254-41.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:33 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3D46 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:59:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
79021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 10:59:32 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 3D46 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df20d73aeea298101feb961bd1e5a7ebb2c8f4a432a5604a221786b618408447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:47:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
25756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14421
x-xss-protection
0
server
cafe
etag
6264189887109984208
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 01:47:17 GMT
14683137533320493422
s0.2mdn.net/simgad/ Frame 3D46 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/14683137533320493422
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d1d134a001b4ce2e7c131915e8e851d0584b4f3a910d47e47908a88ade6436d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:07:31 GMT
date
Thu, 04 Jan 2024 05:07:31 GMT
x-content-type-options
nosniff
age
13742
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108867
x-xss-protection
0
last-modified
Fri, 09 Jun 2023 05:40:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 3D46 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 14:15:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:15:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 3D46 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48781
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:32 GMT
l
www.google.com/ads/measurement/ Frame 3D46 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYfkifmVwORZ-9XzGQt-iDwGa9cYrJsX52N2pNBNPKoLS1v0Jjsf1ThAF28ZVqTWphqkCIiU6vP_TlHa4Yv8jOIQoBPA
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::67 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D46 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
sffe /
Resource Hash
b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62553
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:33 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/ Frame 3D46 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/abg_lite_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48781
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:32 GMT
pixel
protected-by.clarium.io/ Frame 3D46 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDYwMA==&v=5&s=v31hj9r0gqj&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDExNjUxODMwMS9JTjQ0Tk0vSU40NE5NLUREUy5CIiwieSI6NTY1NDk2LCJjbyI6MCwicyI6Im1tdC0zZGExNDZkNS0xY2YyLTRiZTQtOTA3OS1iMmYxYzJjNjExODdfMV8xX2FkIn19&cb=3147008&h=duperb-shop.ngontinh24.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-254-41.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:33 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
frame_content.js
resources.infolinks.com/js/1914.009-3.034/ Frame 9FB8 		2 KB
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1914.009-3.034/frame_content.js
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc3a41863d92b22799ff23c52e2173e80b13ebc75b9144151ea105cd52b59de5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:33 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 17 Dec 2023 18:05:02 GMT
server
cloudflare
age
644
etag
W/"96d-60cb878e59649"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
840244d8fb7f5c64-MIA
expires
Sat, 03 Feb 2024 08:45:49 GMT
nmedianet.js
contextual.media.net/ Frame 2A02 		100 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-124-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1f40449b63b6072f86e4acd37f0b415673985b3f30832184043777684003bd96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-mnt-h
21-tp9r
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 04 Jan 2024 08:56:33 GMT
server
Apache
etag
"12fc76196745dbdd152b3ab147721c08"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-s1v0
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
38717
expires
Thu, 04 Jan 2024 09:01:33 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame 2A02 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 04 Jan 2024 08:56:33 GMT
x-guploader-uploadid
ABPtcPorgKrolanEvhxtu_ddbKIw0nGlsQjNsgVZjkAV3xGpHceVrHLUsDCpbNTdvC9d2-duLSc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Thu, 04 Jan 2024 09:56:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 2A02 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 14:15:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:15:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 2A02 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48781
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:32 GMT
l
www.google.com/ads/measurement/ Frame 2A02 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDwXhTS6fdGc9EOXu_pwWtxe38pDEw80Nx8b5xe0TV0q_wUhX1-7PRlXyah0fMsNQZSqUggrsm3NqXMYVCr5tELNgK3w
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::67 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2A02 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 02:16:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
110423
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Jan 2025 02:16:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2A02 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
sffe /
Resource Hash
b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62553
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:33 GMT
pixel
protected-by.clarium.io/ Frame 2A02 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDI1MA==&v=5&s=v31hj9r0gub&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDExNjUxODMwMS9JTjQ0Tk0vSU40NE5NLUREUy5BIiwieSI6NTY1NDk2LCJjbyI6MCwicyI6Im1tdC1jNDE1Mjc5OS1lODk0LTQ2NjItYTJhNC1hNDJkMzEyZDgxZjdfMV8xX2FkIn19&cb=8449151&h=duperb-shop.ngontinh24.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-254-41.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:33 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
e21910fd923a6283b5d44b2382eabc86.js
www.gstatic.com/mysidia/ Frame B803 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 09:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 02 Apr 2024 09:18:44 GMT
f3d12415f986ed3504122551351bc1d0.js
www.gstatic.com/mysidia/ Frame B803 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 20:48:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16637
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 28 Mar 2024 20:48:49 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame B803 		2 KB
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48782
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:32 GMT
50459845d1cbd526a76ea757de42d266.js
www.gstatic.com/mysidia/ Frame B803 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 00:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9842
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Apr 2024 00:23:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/ Frame B803 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/abg_lite_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48782
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame B803 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 14:15:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:15:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame B803 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48781
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:32 GMT
l
www.google.com/ads/measurement/ Frame B803 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSS6lViUNRNzFCPDxGBsWc6icmk05kTKpoUnBCcgaWpwwnKuVq9R27cKFBKElxWqSNqJ7mUVr8oiHa45EbM2ujpfuyz7w
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::67 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B803 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
sffe /
Resource Hash
b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62553
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:33 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame B803 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
410503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 29 Mar 2024 14:54:51 GMT
pixel
protected-by.clarium.io/ Frame B803 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31hj9r0h2k&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDExNjUxODMwMS9JTjQ0Tk0vSU40NE5NLUREQi5JIiwieSI6NTY1NDk2LCJjbyI6MCwicyI6Im1tdC04YWMzNjdiNC0xZmMxLTRlOWUtOTBhOC0yOTZhYTAwMzgxMGVfMV8xX2FkIn19&cb=8472422&h=duperb-shop.ngontinh24.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-254-41.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 9FB8 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45bf96a74d1529b261d1839aaa9099436e959abfd4c05a78098055084334c20d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
khaos.json
token.rubiconproject.com/ Frame 4DBF 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Expires
0
browserfp.min.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 2772 		131 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.207.41 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-207-41.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
543b429327b9baf784103c7a03127358fcff1f553eb4743c7cda9df345a6300c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:33 GMT
Content-Encoding
gzip
x-powered-by
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Max-Age
1800
Connection
keep-alive, Transfer-Encoding
Transfer-Encoding
chunked
Expires
Thu, 04 Jan 2024 09:01:33 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 10CD 		76 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3027&&kkdd=nH%7CW%7C9Hnuh3*A&44=c.&111=TDw99ffEbQzBmvu1T!.lyEb.UEVHj_pe5emZmhzP-WIdgdBuasJ-boUf13ptp-jVCKdPJ82kz_cBslEs88y1s1_864preKKK&423=jj)j&3z=jdD)sYPYosPDd)YYPPx&h2vb=D&1GvK=D&5G4f=*swP&4z2=PecdHddjZ&4v42=H4VhCBXam(ZX6jmmqbb(4U%3D%3D&4bz2=YswwPPY))&GzFf=dxPBoD&G4=J*&4RE1=G11m1zhbK5zCEm5fG5&vz2=PygwdnWs.&5vz2=rjZswwP&R55vG=j&bbb=5FnqR*49q*PIswCVTrPY-*s)_98bNCoKQNDDcaJsEmmMmTbqy*hfG-%3D%3D&EGf=Y&9U=j&ah2=)&K25j=Pecco(JP8&K25x=PsoxPPw)s&l2K5K=G2x%3DEa997zab9m9%3DjD7Chfbv1%3DDAxd72C1ml%3DDAYs7G42%3DS97bKf%3DD%2CD72C1m9%3DxD739xbmG2%3DxDx)DjDsjs7zab9ml%3DdsDADj7ab9m5u4%3DD7ab9mbxKml%3DD7G52%3DPojw)PYYD71EmlfRmlCCG5%3DDAPY7bK5%3DDADDD%2CD7zv%3DWC28uvSEo6uzSK)yW1GZ~7Sll%3DjY7lRmz1%3DYD7bzzvaK%3DjDd%2CjDd7b4%3Dj7bzGaz2%3DD%2CD7bvGmG2%3DxDx)DjDsj)7bK23%3DDADDD%2CD7ab9ml%3DjAsd739xbmab9ml%3DD7G11mUb%3DxYAjjYo7ab9m9%3DjD7G93%3DxxAPP7h4K5%3Dqj7ll%3Djow7G11m1a9%3DDAdw7fbv1%3DDAxd739xbmab9mu4%3DDZD7vGzm4%3Dxx%2Cj)%2CD%2CD%2CD%2CD%2CD%2CD7l1%3Dj7vGzm2%3DjjPd7buf%3DD%2CD7Ksvml%3DYAos%2CdYA)o7G2%3Dj7az2%3Dx_KIRWzP5es6Z43l1N7439xbml%3DjAwd7l52%3DwdjosDxP)YjxsjjwwDYjjwYjswsxwDxx)DDYjwwsDoodD)sPj)soPDwDdPowP)xPdxwssjjxodYjxjDjjwjjwsxY)djowjPYjPPdwjw7az1%3DD7bu5%3DDADDD%2CD7Ch2xvml%3DDAoY7GG%3Dk-744%3Dc.7ulm29%3DE%2FK7azU%3Dqj74f%3DD7b43%3D)jADw7e_%3DsDdo7ulma4%3DD7E5G%3Dj7ulma9%3DE%2FK7ulm44uG%3DD745%3D1zK1z7lGGmMrN%3Dk-%2Ck-7lKGzGx%3Djow7l25%3DjdD)sYPYox7lKGzGj%3Djow7ulm55%3DD7lRmG2%3DxDx)DjDxDj724%3DP739xbml%3DYAs)755%3DjjPd73UmfB4%3DDAP73zGmG2%3DPd7ab9mbvGml%3DPAw)7lRm4C%3DD724x%3Dj73mKGE%3DoDDo7~y%3DAiGRCvAi79KG5%3D743Ch%3DjAwd73zGmab9ml%3DDAYw739xbmzmG2%3DxDx)DjDsjs73zGmab9m9%3DD7f5%3DjP739xbmzml%3DDADx73zGml%3Dwd)AP)739xbmab9m3z%3DjZqjw7ab9m53z%3DD733%3DD7439xbmG2%3DPY7bS3%3D)jADw79xbml%3DjDDD7Ubml%3DxAoj%2CD7G11mG2%3DxDx)DjD)Ds7bK2v%3DDADDD%2CD7Gz2%3DYswwPPY))7ab9mbvGmu4%3DD7ulmGb4%3Dull73Ua%3DDAP72xvm9%3DjD7439x%3DjAwd7sv4S%3DoooAPY7211mG5bh%3DG11m1zhbK5zCEm5fG572xvml%3DDAoY7bvGml%3DdYA)o7ab9mGbvGml%3DPAw)7buUv%3DDADDD%2CD7~yx%3DAiGRCvAi7buU2%3DDADDD%2CD7zGnfS%3DD7yJ%3DD7zGzS%3DD7ab9mbv4ml%3DD7lz2%3DDAxj7ulmv5%3D8C1fvKhf7ab9mbvGmb3%3DD74l2v%3DDAxjD7G2%3Dj7z56vfmz2%3Djd7Gf99fbm5Khmz2%3DPojw)PYYD7Gavv96m5Khmz2%3D72f5f45f2m5Khmz2%3D73zfUKlz9z56%3DDAP7vCG%3Dw7K4m56vf%3Dj7K2l9u%3DPojw)PYYD7K1v%3Dj7Chlz2%3DDAxdD7lS9b%3DDADYD7Gaz2%3De-Z.Z*PCXQ6W)tu61T)KZgD8Z~_7254%3DfKG5mG47211mfbv1%3DSK9Gf7211%3DG11m1zhbK5zCEm5fG57l2v4Kv2%3DD72K9h%3DG117Gh15%3D9CEhm5Kz9mRC1fvKhfm4K54RK997GClv%3D7Bz2%3D-pQqvalqso))oY)PwxsjwxPs7R519%3Dj7G11mKvz%3D3j7zl4%3Dj7EGF%3Dj75hG%3DdxPBoD7lGl%3DD7lGv%3DD751B%3Dx)w&E53=D&zU=dxP&zE_Sb=j&l2b_2=)wD&lz2=s)oDw)&14S=dwYox&62Gvb=j&lKf=XBfk%2FFVFKh7XBfk%2FFKXKh7)ff&uK5vbf=j&uK5lz2=qjDx&4K2C1KzE=5FnqR*49q*q8.Rk)xqaaS2EYgQRxzeDkwV2sx6)_.4T!g8Tmu6TCFh%3D%3D&6v9v=j&zGz2=Y&K23=_E3fG5Cb%20JC4aG&GG14bm3fb=Y&vhz2=vjjdYxwjPd)x5xDx)DjD)DPYw&GG92=%7B%22GGzv%22%3A%22xDDj%3ADYYD%3Aj2DY%3ADDDD%3ADDDD%3ADDDD%3ADDDD%3ADDDD%22%2C%22GG44%22%3A%22c.%22%2C%22GGG4%22%3A%22J*%22%2C%22GG456%22%3A%221zK1z%22%7D&R519Gb4=j&sflct=3761804&54Sm41v=j&ure=1
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-124-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b2c7d7f8ebb1ad09c017a046477da20f6581696077cb44ee9f5dd20956f6f60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
31444
content-type
text/html
date
Thu, 04 Jan 2024 08:56:34 GMT
expires
Thu, 04 Jan 2024 08:56:34 GMT
pragma
no-cache
quic-version
0x00000001
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-292w
bping.php
lg3.media.net/ Frame 2772 		35 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2692&&vgd_cdv=1141&vgd_cage=1&vgd_tsce=L368&vgd_mcf=76592&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=536688544&vi=1704358593807455882&ugd=4&lf=6&cc=US&sc=FL&lper=100&wsip=170785191&r=1704358593770&rrr=tzR-hLcl-L8G36oqjT85AL34IlHrWo9aXW00UuF3n__K_jr-PLgesA%3D%3D&requrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.fh~OmYMGv9.XA~QNOvkj~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9u9AuA~8xLjMGvhA9.9u~xLjM7UNv9~xLjMLf1MGv9~Q7OvWiuFHWXX9~YzMGJwMGmmQ7v9.WX~L17v9.999%2C9~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGvuX~GwM8YvX9~L88Ex1vu9h%2Cu9h~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fH9u9AuH~L1Oev9.999%2C9~xLjMGvu.Ah~ejfLMxLjMGv9~QYYMBLvfX.uuXi~xLjMjvu9~Qjevff.WW~yN17vou~GGvuiF~QYYMYxjv9.hF~JLEYv9.fh~ejfLMxLjMUNv949~EQ8MNvff%2CuH%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvuuWh~LUJv9%2C9~1AEMGvX.iA%2ChX.Hi~QOvu~x8OvfV1Zw38W7%3DA54NeGYp~NejfLMGvu.Fh~G7OvFhuiA9fWHXufAuuFF9XuuFXuAFAfF9ffH99XuFFA9iih9HAWuHAiW9F9hWiFWHfWhfFAAuufihXufu9uuFuuFAfXHhuiFuWXuWWhFuF~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iX~QQvIK~NNvPb~UGMOjvzS1~x8Bvou~NJv9~LNevHu.9F~%3DVvA9hi~UGMxNv9~z7Qvu~UGMxjvzS1~UGMNNUQv9~N7vY81Y8~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9HAXWXif~G1Q8QuvuiF~UGM77v9~GwMQOvf9fH9u9f9u~ONvW~ejfLMGvX.AH~77vuuWh~eBMJ-Nv9.W~e8QMQOvWh~xLjMLEQMGvW.FH~GwMNmv9~ONfvu~eM1Qzvi99i~c0v.*QwmE.*~j1Q7v~Nemyvu.Fh~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9u9AuA~e8QMxLjMjv9~J7vuW~ejfLM8MGv9.9f~e8QMGvFhH.WH~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvWX~LkevHu.9F~jfLMGvu999~BLMGvf.iu%2C9~QYYMQOvf9fH9u9H9A~L1OEv9.999%2C9~Q8OvXAFFWWXHH~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.W~OfEMjvu9~Nejfvu.Fh~AENkviii.WX~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iX~LEQMGvhX.Hi~xLjMQLEQMGvW.FH~LUBEv9.999%2C9~c0fv.*QwmE.*~LUBOv9.999%2C9~8QDJkv9~0sv9~8Q8kv9~xLjMLENMGv9~G8Ov9.fu~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.fu9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvWiuFHWXX9~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.W~EmQvF~1NM75EJvu~1OGjUvWiuFHWXX9~1YEvu~myG8Ov9.fh9~GkjLv9.9X9~Qx8Ov%3DK4b4TWmRt53H2U5YdH14a9q4cV~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGoAiHHiXHWFfAuFfWA~w7Yjvu~QYYM1E8veu~8GNvu~zQlvu~7yQvhfW-i9~GQGv9~GQEv9~7Y-vfHF&ssld=%7B%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22sT%22%2C%22QQN75%22%3A%22Y81Y8%22%7D&vgd_bid=349064&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1704358593176655740&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_pgid=p11752618742t202401040856&vgd_pgids=1&vgd_uspa=0&vgd_mspa=0&vgd_mspad=a&vgda_l1btm=%5B%22SPAMPXL%22%5D&hvsid=00001704358593765006462152365617&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 04 Jan 2024 08:56:33 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 04 Jan 2024 08:56:33 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1F44
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

date
Thu, 04 Jan 2024 08:56:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 4F1D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20904174&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.112 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cb2f781d258d314bdc7be21deb538daaeda707323503ab447d5edbcad8ffa39e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads
securepubads.g.doubleclick.net/gampad/ 		136 KB
44 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501995322332064&correlator=2410108001411560&eid=31077976%2C31079926%2C31080177&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=20842576%3A116518301%2CIN44NM%2CIN44NM-DDA.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=15&didk=4110578795&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dff689ee3342bc18d%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MZvSrC7lDcE9PzK2W6a9zOb19zA7A&gpic=UID%3D00000db0c34d1526%3AT%3D1704358591%3ART%3D1704358591%3AS%3DALNI_MYhJVJshTboyLXZGTfnUVrZ8N-1Yg&abxe=1&dt=1704358593829&lmt=1704287131&adxs=805&adys=1155&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&psts=AOrYGskauUZRBV7nhn1uZkB0119ytN2Xb1178d3BlcL0Lt7AdxOq5-0GHifwmZhyuP-WToqmwQsW-ZuY2uoxLo_B5zqD8A&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABi-_cCdzTFIABI7CgpwdWJjaWQub3JnEiRkZmM4NDQyYy02ZTJjLTQ0YTQtOTg5My04YjRkMDgxMGExNGUYlvrAnc0xSAASHQoOZXNwLmNyaXRlby5jb20YgfnAnc0xSABSAghkEsIBCghydGJob3VzZRKsAUVMYkFpSXN2TW9BczdRcTZLcFNxaHlLUTMzejFCYnlOcVo0QlMwWXdNYVRxRWhTQm5MUUNBT1c5Sk16VEU3WUVraEU4NXA4eXFMTmFSR1pOd3lSaXBVNHdkSVhNNWZXbUs3Ris1R3FIZ0VNSTlwYmpNV1BQS0lhMENQY1BJTXVyUzVBeHducFRnVmdiZURpYkI1dGJxemNQV28vSHZEZGpNdzMxMUVzQWFNWT0Yof7Anc0xSAASPgoFb3BlbngSLGV5SnBJam9pUjI5SlYwSkVXVkZTTkcxQldXdHNZMW8zUkRONlVUMDlJbjA9GIP8wJ3NMUgAEhkKCnVpZGFwaS5jb20YgfnAnc0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjy-8CdzTFIAFICCGo.&dlt=1704358590346&idt=1247&prev_scp=pos%3D2%26monu%3D728x90_B2%26slotNum%3D2%26placementNum%3D1%26directDeals%3Dsticky_bottom%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3D_notchrome_10.00%26context%3D8__notchrome%26browser_hour_refresh%3Dundefined_8_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dtrue%26iabCategory%3D266%26url%3Dduperb-shop.ngontinh24.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1838895431&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08fc0389e99a4122d63c6c9ada1b7020c7421861cecdbce6430775210b47bed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44920
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
17469995450068801122
tpc.googlesyndication.com/simgad/ Frame 1F44 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17469995450068801122?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnG50e4yyzPwiHyxs9oHCtRG5Ni6w
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf68a8424e11b53face94023607c7c981ecdb60345bcb0e44205d6b8c13d57b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 05:34:41 GMT
x-content-type-options
nosniff
age
12112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42519
x-xss-protection
0
last-modified
Fri, 29 Dec 2023 10:38:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 03 Jan 2025 05:34:41 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1F44 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 23:07:11 GMT
x-content-type-options
nosniff
server
cafe
age
35362
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 04 Jan 2024 23:07:11 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1F44 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 18:57:20 GMT
x-content-type-options
nosniff
server
cafe
age
50353
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 04 Jan 2024 18:57:20 GMT
csi
csi.gstatic.com/ Frame F8ED 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lqyz3mdm&c=177665056126&slotId=88832528063&qqid=COTbp8Ouw4MDFXEUaAgdkuUDeg&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=Infinity&mt=video%2Fmp4&vs=1920x1080&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4&hvmf=false&vms=1&bit=0&hcn=0&met.4=arp_a_e.nq~vil.wg~vfl.1ah~vfl.1b0&ua_e=1&umsem=0&ape=1&ple=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1413::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:33 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
browserfp.min.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 2A02 		131 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.207.41 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-207-41.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
543b429327b9baf784103c7a03127358fcff1f553eb4743c7cda9df345a6300c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:34 GMT
Content-Encoding
gzip
x-powered-by
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Max-Age
1800
Connection
keep-alive, Transfer-Encoding
Transfer-Encoding
chunked
Expires
Thu, 04 Jan 2024 09:01:34 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 38FD 		78 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3072&&kkdd=*3%7CW%7Cnu9h*H3A&44=DV&Q3=vOqisuduosBuosBdddq&JYeG=q&w.eX=q&4YQ=vviv&k.4T=HsBd&43Y=dADOSOOvW&4e4Y=S4CJaR_7EIW_bvEE*GGI4!%3D%3D&4G3Y=OqiuoidvB&.3yT=sqqRxuq&.4=pH&4trw=.wwEw3JGXk3arEkT.k&e3Y=d-gBOUhsV&ke3Y=~vWsBBd&tkke.=v&GGG=kyU*tH4f*HdPsBaC5~duLHsi0fjGKaoXMKqqD7psrEEcE5G*-HJT.L%3D%3D&r.T=u&f!=v&7JY=i&XYkv=dADDoIpdj&XYkx=dsoxddBis&NYXkX=.Yx%3Dr7ff837GfEf%3Dvq8aJTGew%3Dqlvo8YawEN%3Dqlus8.4Y%3D6f8GXT%3Dq%2Cq8YawEf%3Dxq8QfxGE.Y%3Dxqxiqvqsvs837GfEN%3DOsqlqv87GfEkm4%3Dq87GfEGxXEN%3Dq8.kY%3DixOBsOuxus8wrENTtENaa.k%3Dqldu8GXk%3Dqlqqq%2Cq83e%3DhaYjme6robm36Xi-hw.WZ86NN%3Dvu8NtE3w%3Duq8G33e7X%3DvqO%2CvqO8G4%3Dv8G3.73Y%3Dq%2Cq8Ge.E.Y%3Dxqxiqvqsvi8GXYQ%3Dqlqqq%2Cq87GfEN%3Dvlxd8QfxGE7GfEN%3Dq8.wwE!G%3Dvoluxiu87GfEf%3Dvq8.fQ%3Dxxldd8J4Xk%3D*v8NN%3DvoB8.wwEw7f%3DqlOi8TGew%3Dqlvo8QfxGE7GfEm4%3DqWq8e.3E4%3Dxx%2Cvi%2Cq%2Cq%2Cq%2Cq%2Cq%2Cq8Nw%3Dv8e.3EY%3DvvdO8GmT%3Dq%2Cq8XseEN%3Dslio%2COdldu8.Y%3Dv873Y%3Dx0XP3bsgOxwQNkA0G584QfxGEN%3Dxlxd8NkY%3DBOvosqxdiuvxsvxqudsOqxiqiovqdousOsdBiuoudOxOuddvqxvOduuxBuOvBqdidoiquvOouxBqsivvxqBquoddduvxduxdsuOsOBq873w%3Dq8Gmk%3Dqlqqq%2Cq8aJYxeEN%3Dqlod8..%3D2L844%3DDV8mNEYf%3Dr%2FX873!%3D*v84T%3Dq8G4Q%3DivlqB8A0%3DsqOo8mNE74%3Dq8rk.%3Dx8mNE7f%3Dr%2FX8mNE44m.%3Dq84k%3Dw3Xw38N..Ec~K%3D2L%2C2L8NX.3.x%3DvoB8NYk%3DvOqisuduox8NX.3.v%3DvoB8mNEkk%3Dq8NtE.Y%3Dxqxiqvqxqv8Y4%3Dd8QfxGEN%3Dslvi8kk%3DvvdO8Q!ETR4%3Dqlox8.wwEN3Y%3Dqlvi8Q3.E.Y%3DdO87GfEGe.EN%3DdlBi8NtE4a%3Dq8.aN5%3DqlqO8Y4x%3Dv8QEX.r%3Doqqo8Z-%3Dl(.tael(8fX.k%3D84QaJ%3Dxlxd8Q3.E7GfEN%3DqlOd8QfxGE3E.Y%3Dxqxiqvqsvs8Q3.E7GfEf%3Dsq8Tk%3Dxq8QfxGE3EN%3Dqlqx8Q3.EN%3DOOdlud8QfxGE7GfEQ3%3DvW*vB87GfEkQ3%3Dq8QQ%3Dq84QfxGE.Y%3Ddu8G6Q%3DivlqB8fxGEN%3Dvqqq8.wwE.Y%3Dxqxiqvqiqs8GXYe%3Dqlqqq%2Cq8.3Y%3DOqiuoidvB87GfEGe.Em4%3Dq8mNE.G4%3DmNN8Q!7%3Dqlox8YxeEf%3Dvq84Qfx%3Dxlxd8se46%3Dvqqqlxs8aJEw.t%3Dqlvo8YwwE.kGJ%3D.wwEw3JGXk3arEkT.k8YxeEN%3Dqlod8Ge.EN%3DOdldu87GfE.Ge.EN%3DdlBi8Gm!e%3Dqlqqq%2Cq8Z-x%3Dl(.tael(8Gm!Y%3Dqlqqq%2Cq83.UT6%3Dq8-p%3Dq83.36%3Dq87GfEGe4EN%3Dq8N3Y%3Dqlvi8mNEek%3DjawTeXJT87GfEGe.EGQ%3Dq84NYe%3Dqlviq8.Y%3Dv83kbeTE3Y%3DvO8.TffTGEkXJE3Y%3DixOBsOuxus8.7eefbEkXJE3Y%3D8YTkT4kTYEkXJE3Y%3D8Q3T!XN3f3kb%3Dqlox8ea.%3DB8X4EkbeT%3Dv8XYNfm%3DixOBsOuxus8Xwe%3Dv8aJN3Y%3Dqlvoq8N6fG%3Dqlvvq8.73Y%3DALWVWZYMWP1HpbwTwzRBQs0!v0h8Yk4%3DTX.kE.48YwwETGew%3D6Xf.T8Yww%3D.wwEw3JGXk3arEkT.k8NYe4XeY%3Dq8YXfJ%3D.ww8.Jwk%3DfarJEkX3fEtawTeXJTE4Xk4tXff8.aNe%3D8R3Y%3DL1M*e7N*soiiouidBxsvBxds8tkwf%3Dv8.wwEXe3%3DQv83N4%3Dv8r.y%3Dx8kJ.%3DxuqRxuq%7CsqqRxuq8N.N%3Dq8N.e%3Dq8kwR%3Dxsd&rkQ=q&www=5qBffTTrGM3REemw5zVN-rGV!rCSv01AkAEWEJ3dLhPOgORm7spLGo!TwQ1)1LvCaXOdpjY230DRsNrsjj-wsw0jb41~AXXX&3!=sqq&3r06G=v&NYG0Y=iBq&N3Y=sioqBu&w46=OBuox&bY.eG=v&NXT=_RT2%2FyCyXJ8_RT2%2FyX_XJ8iTT&mXkeGT=v&mXkN3Y=*vqx&4XYawX3r=kyU*tH4f*H*jVt2ix*776YrugMtx3Aq2BCYsxbi0V45zgj5Emb5ayJ%3D%3D&befe=v&3.3Y=u&XYQ=0rQT.kaG%20pa47.&..w4GEQTG=u&eJ3Y=evvOuxBvdOixkxqxiqvqiqduB&..fY=%7B%22..3e%22%3A%22xqqv%3Aquuq%3AvYqu%3Aqqqq%3Aqqqq%3Aqqqq%3Aqqqq%3Aqqqq%22%2C%22..44%22%3A%22DV%22%2C%22...4%22%3A%22pH%22%2C%22..4kb%22%3A%22w3Xw3%22%7D&tkwf.G4=v&sflct=2765151&k46E4we=v&ure=1
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-124-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3f0a385fe617f54bc5e9a20f11fc3be9b84bd4f7e4d0897ad627dd942efc1ccb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
31814
content-type
text/html
date
Thu, 04 Jan 2024 08:56:34 GMT
expires
Thu, 04 Jan 2024 08:56:34 GMT
pragma
no-cache
quic-version
0x00000001
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-292w
bping.php
lg3.media.net/ Frame 2A02 		35 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2734&&vgd_cdv=1141&vgd_cage=1&vgd_tsce=L368&vgd_mcf=76592&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=704594816&vi=1704358593659368880&ugd=4&lf=6&cc=US&sc=FL&lper=100&wsip=170785191&r=1704358593873&rrr=tzR-hLcl-L8G36oqjT85AL34IlHrWo9aXW00UuF3n__K_jr-PLgesA%3D%3D&requrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.ui~OmYMGv9.XA~QNOvkj~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9u9AuA~8xLjMGvhA9.9u~xLjM7UNv9~xLjMLf1MGv9~Q7OvHfhFAhXfXA~YzMGJwMGmmQ7v9.WX~L17v9.999%2C9~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGvuX~GwM8YvX9~L88Ex1vu9h%2Cu9h~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fH9u9AuH~L1Oev9.999%2C9~xLjMGvu.fW~ejfLMxLjMGv9~QYYMBLvui.XfHX~xLjMjvu9~Qjevff.WW~yN17vou~GGvuiF~QYYMYxjv9.hH~JLEYv9.ui~ejfLMxLjMUNv949~EQ8MNvff%2CuH%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvuuWh~LUJv9%2C9~1AEMGvA.Hi%2ChW.WX~QOvu~x8OvfV1Z85AahfYeG7%3DVLd~NejfLMGvf.fW~G7OvFhuiA9fWHXufAuf9XWAh9fH9Hiu9WiXAhAWFHXiXWhfhXWWu9fuhWXXfFXhuF9WHWiH9XuhiXfF9AHuuf9F9XiWWWXufWXfWAXhAhF9~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvzS1~x8Bvou~NJv9~LNevHu.9F~%3DVvA9hi~UGMxNv9~z7Qvf~UGMxjvzS1~UGMNNUQv9~N7vY81Y8~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9HAXWXif~G1Q8QuvuiF~UGM77v9~GwMQOvf9fH9u9f9u~ONvW~ejfLMGvA.uH~77vuuWh~eBMJ-Nv9.if~QYYMG8Ov9.uH~e8QMQOvWh~xLjMLEQMGvW.FH~GwMNmv9~QmGdv9.9h~ONfvu~eM1Qzvi99i~c0v.*QwmE.*~j1Q7v~Nemyvf.fW~e8QMxLjMGv9.hW~ejfLM8MQOvf9fH9u9AuA~e8QMxLjMjvA9~J7vf9~ejfLM8MGv9.9f~e8QMGvhhW.XW~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvWX~LkevHu.9F~jfLMGvu999~QYYMQOvf9fH9u9H9A~L1OEv9.999%2C9~Q8Ovh9HXiHWuF~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.if~OfEMjvu9~Nejfvf.fW~AENkvu999.fA~myMYQwv9.ui~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iW~LEQMGvhW.WX~xLjMQLEQMGvW.FH~LUBEv9.999%2C9~c0fv.*QwmE.*~LUBOv9.999%2C9~8QDJkv9~0sv9~8Q8kv9~xLjMLENMGv9~G8Ov9.uH~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.uH9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvHfhFAhXfXA~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.if~EmQvF~1NM75EJvu~1OGjUvHfhFAhXfXA~1YEvu~myG8Ov9.ui9~GkjLv9.uu9~Qx8Ov%3DK4b4cOt4ZrTs5YJY%2F-FeAVBuV3~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGoAiHHiXHWFfAuFfWA~w7Yjvu~QYYM1E8veu~8GNvu~zQlvf~7yQvfX9-fX9%7CA99-fX9~GQGv9~GQEv9~7Y-vfAW&ssld=%7B%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22sT%22%2C%22QQN75%22%3A%22Y81Y8%22%7D&vgd_bid=349065&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1704358593141026708&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_pgid=p11752618742t202401040856&vgd_pgids=1&vgd_uspa=0&vgd_mspa=0&vgd_mspad=a&vgda_l1btm=%5B%22SPAMPXL%22%5D&hvsid=00001704358593870006462152362828&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 04 Jan 2024 08:56:33 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 04 Jan 2024 08:56:33 GMT
ad_
fundingchoicesmessages.google.com/f/AGSKWxUmQKAAa6btV9lmjYaB7UWPK7qNFGYf0M6sQvWH0AxNsVge4HKbRCGjEAMWbFslSasdK9GAjmMCHFWdwftZo6PmNqyAAXv7CfksQRw2ioqtlK1aMykVnRM4KByu1aSOcVzxJgyxGP-O1ik8oj47LwxUu6RNB... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUmQKAAa6btV9lmjYaB7UWPK7qNFGYf0M6sQvWH0AxNsVge4HKbRCGjEAMWbFslSasdK9GAjmMCHFWdwftZo6PmNqyAAXv7CfksQRw2ioqtlK1aMykVnRM4KByu1aSOcVzxJgyxGP-O1ik8oj47LwxUu6RNBC-WHHW9AtzT45spb_aFD8YDGLzt5ATP/_/google160./no_ads./newimplugs./ForumViewTopicContentAD./ads/ad_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwXNQWpsdCQrGY-Gr2-YhgpAaD5aw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b6a001fe6f1f79bbe5b91861c200efd94441f78e698e6f6cd4c0569edee90c9d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-G0oEfbe7ph6KPyPZpXL1XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:33 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-G0oEfbe7ph6KPyPZpXL1XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwXNQWpsdCQrGY-Gr2-YhgpAaD5aw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7f80935106390ce68b498562c40c39863298cf9edd85faa71d35fcdf848a6c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:54:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
94
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11403
x-xss-protection
0
server
cafe
etag
8337112287831120551
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 09:54:59 GMT
AGSKWxXW_wmn8psJsuGgQbRYUgyeWKJ942YfLXQI50J3CN_3RqS7slk4mwfZj2_hth0c5PpaaDxxi7o1x9xSjxQ8OZRBgPPRbHDEJcBfT268rGQ3D8vdebl8YfPzI039o0Ym3eIeXB8bbQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXW_wmn8psJsuGgQbRYUgyeWKJ942YfLXQI50J3CN_3RqS7slk4mwfZj2_hth0c5PpaaDxxi7o1x9xSjxQ8OZRBgPPRbHDEJcBfT268rGQ3D8vdebl8YfPzI039o0Ym3eIeXB8bbQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/am=wA/d=1/rs=AJlcJMyiHPCAyLFmNsmEoAFl7FGwL5Wu8Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BPBUsMDPL64QJKYr57en_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:33 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BPBUsMDPL64QJKYr57en_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
checksync.php
contextual.media.net/ Frame A983 		27 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-124-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2ac1edb147faef758a4c4eef4c7b2dfa02f8e5610ca98fd04d65fadf7b2d78f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
9652
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:33 GMT
expires
Sat, 06 Jan 2024 08:56:33 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
quic-version
0x00000001
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 2772 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=6228&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=oNGN536AaM4nnz64J7W1zw&vid=oNGN536AaM4nnz64J7W1zw&dn=duperb-shop.ngontinh24.com&rawDn=duperb-shop.ngontinh24.com&requrl_dn=duperb-shop.ngontinh24.com&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fduperb-shop.ngontinh24.com&cliIPV6=2001%3A0550%3A1d05%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=FL&ct=miami&zip=33018&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-77cb9c4859-sbqv9.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=9009&sckfl=1&suid=CAESEL8oBXyY4Zkymj4aEO0HEMI&sckfl2=0&smbrid=adx-unknown&cxtSgmt=long_tail_homepage_catchall&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm44az9uYaQpdhBsXv_TJF9HMlADD_b6WFRhcSSDXbziV1vG8uKkML1eXBps0xVtL56n&pexid=ADX-pub-3944954862316283&geoll=true&is_ortb=false&commit_id=6232c897&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2024-01-03+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&header_lang=false&rtttime=42&req_tid_present=false&pvid=460&prvAccId=536688544&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=839288643&prspt=headerBid&prvReqId=156226511086856_1294993669_8392886434601&size=728x90&chnl=smm_migration_test&bdp=0.270&bid_uuid=5fa7409ef800865d1a8282fdf04caf48&cbdp=0.21&og_cbdp=0.270&ogbdp=0.27&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.21&dsrc=-2&dp=0&dbf=1&epc=536688544&s=1&snm=SUCCESS&pcrid=8CU7Q771E-536688544-1-5&tpbTkn=false&exid=218&bidflr=0.050&pbidflr=0.050&opbidflr=0.050&spbf=0&viewability=80&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1704358592349&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.27&dmm_erpm=false&dmm_ogerpm=false&bcrid=1700080807683300728009000059500&strg=smm_migration_test&vls=0&scrid=1700080807683300728009000059500&mang=1&pvdTmax=246&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=728x90&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsWhitelistBucket=0&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_bsWhitelistAlgo=0&mx_gpid_sent=false&mx_commit_id=b29c8b4d64&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23ctx_canonical_exp%3Atrue%23%23prll_req%3Afalse%23%23launchexp%3Atoken1%23%23bsNed%3AnoAdd%23%23NedCkflWithData%3ALesBlk%23%23BF_store%3AGCS%23%23NedCkfl%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&mx_isNed=1&acid=2ccea5b985facf04b78eacc7e71640e9&rtime=19.0&wsip=mowx-lite-78f788cb9b-ss4wm&ltime=30.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D0&adtypes=0&adblk=891648550&impId=1&reftime=0&reftype=0&sticky=true%7Cfalse%7Cfalse&psrc=fail&mowxReqId=2ccea5b985facf04b78eacc7e71640e9_1&policy_enf=2&pub_blk_enf=1&req_size=728x90&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=6&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&feedback_id=oNGN536AaM4nnz64J7W1zw_1&supplyTagId=891648550&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&mp_seg%3C%3E=100273&debug_ts=2024-01-04+08%3A56%3A32&__expireat=1704359192601&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.270&lo_cbdp=0.21&actltime=30&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.27~dom_b%3D0.53~scd%3Dfl~rae%3D0%2C0~dom_l%3D20~vl2r_sd%3D2024010313~iurl_b%3D730.01~url_tkc%3D0~url_r2a_b%3D0~std%3D891648550~mn_beh_boost%3D0.85~rat%3D0.000%2C0~ip%3DYodHkpfn9ykifa4PYmsEM~fbb%3D15~bh_im%3D50~riipua%3D107%2C107~rc%3D1~risuid%3D0%2C0~rps_sd%3D2024010314~radv%3D0.000%2C0~url_b%3D1.37~vl2r_url_b%3D0~smm_wr%3D25.1159~url_l%3D10~slv%3D22.88~gcat%3D-1~bb%3D196~smm_mul%3D0.76~erpm%3D0.27~vl2r_url_kc%3D0E0~psi_c%3D22%2C14%2C0%2C0%2C0%2C0%2C0%2C0~bm%3D1~psi_d%3D1187~rke%3D0%2C0~a3p_b%3D5.93%2C75.49~sd%3D1~uid%3D2IaGhYi8tC3yEcvbmW~cvl2r_b%3D1.67~btd%3D6719302845123116605116513632602240051663099704381439806078968428726331129751210116116325471961851887616~uim%3D0~rkt%3D0.000%2C0~ogd2p_b%3D0.95~ss%3DNA~cc%3DUS~kb_dl%3Dn%2Fa~uiw%3D-1~ce%3D0~rcv%3D41.06~CI%3D3079~kb_uc%3D0~nts%3D1~kb_ul%3Dn%2Fa~kb_ccks%3D0~ct%3Dmiami~bss_KTW%3DNA%2CNA~basis2%3D196~bdt%3D1704358592~basis1%3D196~kb_tt%3D0~bh_sd%3D2024010201~dc%3D8~vl2r_b%3D5.34~tt%3D1187~vw_exc%3D0.8~vis_sd%3D87~url_rps_b%3D8.64~bh_co%3D0~dc2%3D1~v_asn%3D9009~MP%3D.*shop.*~last%3D~cvog%3D1.67~vis_url_b%3D0.56~vl2r_i_sd%3D2024010313~vis_url_l%3D0~et%3D18~vl2r_i_b%3D0.02~vis_b%3D674.84~vl2r_url_vi%3D1E-16~url_tvi%3D0~vv%3D0~cvl2r_sd%3D85~rfv%3D41.06~l2r_b%3D1000~wr_b%3D2.91%2C0~smm_sd%3D2024010403~radp%3D0.000%2C0~sid%3D536688544~url_rps_kc%3D0~kb_src%3Dkbb~vwu%3D0.8~d2p_l%3D10~cvl2%3D1.67~3pcf%3D999.85~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.95~rps_b%3D75.49~url_srps_b%3D8.64~rkwp%3D0.000%2C0~MP2%3D.*shop.*~rkwd%3D0.000%2C0~isRef%3D0~PF%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.21~kb_pt%3DHomepage~url_rps_rv%3D0~cbdp%3D0.210%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D891648550%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.8%7Epos%3D6%7Eac_type%3D1%7Eadblk%3D891648550%7Eamp%3D1%7Eogbid%3D0.270%7Ebflr%3D0.050%7Esuid%3DCAESEL8oBXyY4Zkymj4aEO0HEMI%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Dsmm_migration_test%7Ebdpcapd%3D0%7Edalg%3Dsmm%7Esgmt%3Dlong_tail_homepage_catchall%7Esobp%3D%7Exid%3DADX-pub-3944954862316283%7Ehtml%3D1%7Esmm_api%3Dv1~ibc%3D1~nsz%3D1~tgs%3D728x90~bsb%3D0~bsp%3D0~tmx%3D246&utime=1569&sf=0&cpr=0.8998519162471981
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 04 Jan 2024 08:56:34 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DB4C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
68988
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 13:46:45 GMT
etag
48472445140208031
expires
Thu, 04 Jan 2024 13:46:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 54B5 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
70966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 13:13:47 GMT
expires
Thu, 02 Jan 2025 13:13:47 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4686068214887433510
tpc.googlesyndication.com/simgad/ Frame A3E0 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4686068214887433510?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkYUQoysgqVgY7qezJ96CyN75W7fA
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
553d83f888d1be498dc84d22a1c0cb3d0684a0b39ad29f622a132b789973b165
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 05:33:11 GMT
x-content-type-options
nosniff
age
12202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47930
x-xss-protection
0
last-modified
Fri, 29 Dec 2023 10:38:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 03 Jan 2025 05:33:11 GMT
ice.js
resources.infolinks.com/js/1914.009-3.034/ 		187 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1914.009-3.034/ice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1914.009-3.034/frame_content.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ded725035617c0981e128808cbcf42149df94eb26a70649128a8ebf541ec25ff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:33 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 17 Dec 2023 18:05:02 GMT
server
cloudflare
age
3093
etag
W/"2ede4-60cb878e57af1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
840244dc5db15c64-MIA
expires
Sat, 03 Feb 2024 08:05:00 GMT
frame_inplace.js
resources.infolinks.com/js/1914.009-3.034/ Frame 9FB8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1914.009-3.034/frame_inplace.js
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
851aab34e9b9e9c6252ed4a0bd57b30a79795aacdc7e036d7e824ed9e69b2807

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:33 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 17 Dec 2023 18:05:02 GMT
server
cloudflare
age
3678
etag
W/"baa-60cb878e56b50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
840244dc5db25c64-MIA
expires
Sat, 03 Feb 2024 07:55:15 GMT
ef0fe86993b71bdfdc4860d9354eeac1__scv1__300x175.png
images.mediago.io/ML/ Frame D4B8 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.mediago.io/ML/ef0fe86993b71bdfdc4860d9354eeac1__scv1__300x175.png
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.60.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.60.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
25f574717e4fb821d02b0f6d9f99295c60a8d8ce1c3197438b1b963c90f6eb8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:22:32 GMT
via
1.1 google
age
2042
x-guploader-uploadid
ABPtcPqn5kxMySNmPmq5tQ28Q3EMH42SkCAxFxaQOe8WV_L6FDKG4JcBt3NoIXveS6iJwkkbPm0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92648
last-modified
Wed, 03 Jan 2024 02:10:12 GMT
server
UploadServer
etag
"d4a107a13e5c6116170feb6241b674dd"
x-goog-generation
1701251712633642
x-goog-hash
crc32c=9W77Wg==, md5=1KEHoT5cYRYXD+tiQbZ03Q==
content-type
image/png
cache-control
public,max-age=3600
x-goog-stored-content-length
92648
accept-ranges
bytes
ic
trace.mediago.io/ju/ Frame D4B8 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=04c2a8ced62f97e287b6c2780da42533&acid=781&data=Kihjm9tzRXm3s6ofGslmg9SFCAaYvcKktlu2BB9HyNOKVGs673XDJNNoW6DKi7ByVsPqNyeaxYqpWWlewaVEVIc0fuXxUjww8miCAF426md1xXnLMK-aBcHAAJa9KkrROBrbuEW22_rY38ZUImnUn2p6xR3717mt6kI4d1ZRS-GsFz1zLCWfByDKYGJAChQx52Unji_v-ud967dRpV_QNpctkRYlUENMl3FsMuvlwqJi1GtlA_tMxuqdIU4TWE0XgQ8iUeVPNS--aO8qekwYSwsXc9XQyQj_Y7Dy-AooqgL9YXs9lstTvXgXATzsv0Fo8393WF-kcWYNShCfJafADgMbj06x5uQp7pGapPFgiwq980gS_C5bLsHYa2GA9e6FeCpHaqZ9wrtEmP8bVaXDFzpAc2Xk5ObeHg-VpH-3zViVW6rTO9G0Es8LPCnyVzvj8CkZe_JfpHnVMlnWJAkTETK52k6p6xC6aUjA9vCQ7QDilyA699kNj0XfmVd5fRrVl4lv-lnsQ-BZ0dns-oXHFY-H-RzojxyUn0JaVbs2qDcHXHU6-P2e-johnO8XC-ZGZcbjIgVT-QSzsUglLj6nHhXkxUv40h30vqjFl3aXoUp1IIHQ37Ierg5W4HB6N19wmAXkNlnzpS3gLJChz4VzC-ZuYltwPDdIzkbXCSLi1iXU5xrPMHiO-255fCPCH5VRJWeo08bZn77R50M9RNCDMVF39nVgXKuID-8THqiJFmoiiHH5FtDxMuwIF54rFpzWNZoZw12joV5477vWby9tm9kS2zvG4mb1TKGLiV8I82SVy5vIyj48FxU1JWzD34JhUwHXdOnV5K4IlzWRu8-5VzTzbwtZNHB-YPnakdWbVfbMUJR76-jt6T7LGAQPFiqgfPoohxyInmL6QL9Pzaf2w0okGfrj3cuMD2M-63ZdpZnF6IUvByuGKBz4pI75xdvflUvuMWBMrX960rUmsjwD17t1Sio5W2JvHkDgWAH2Vr3fqulTEp6WB0TPVh9hz-fohulUF_Do0z2UmWvlkoTiLTv8hXj9_ejTEEZ3cDYTLfT47bhWAPV7gXpFq8L3xVH_9LZ_4MZvuDWGfqb92ebgfLekGsUjCoXUvN2jvmW6mo2jEcBMm7niAZbcK6ZgsuAD-8CbwR1S_oOMdIT-vLqz3quqHbfjCyp9WTV1dmEo14N0xpiSYN7kqkxZY8hzWNTMniagxo4pAVnkKL1SUP0IaIFcLueSreQFWSlnlm1yHcL2rbEqFrmRYYGNlorS9w3EWavH7mOjOaiZ09muVyVtXr2lAfFjjOS4ogZ4PB6ybLLAkqfSvornpu3Wa_IVtfvvHtL4lpkBfPX9r7cJx-WY5XFrVeCcIVNvZYjiVW9SdJvO0qefx39-wwEef6vX89uy3kCXNri1N47JkwA5cXT0Ww&uid=CAESEMgMsYMEH90MpfdGUfAXKU0&mguid=&ap={AUCTION_PRICE}&tid=3
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8D2E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
68989
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 13:46:45 GMT
etag
48472445140208031
expires
Thu, 04 Jan 2024 13:46:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
checksync.php
contextual.media.net/ Frame 9DA0 		27 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-124-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2ac1edb147faef758a4c4eef4c7b2dfa02f8e5610ca98fd04d65fadf7b2d78f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
9652
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:34 GMT
expires
Sat, 06 Jan 2024 08:56:34 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
quic-version
0x00000001
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 2A02 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=6314&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=z-Lo-HaKC-wEc2LkvQTZLA&vid=z-Lo-HaKC-wEc2LkvQTZLA&dn=duperb-shop.ngontinh24.com&rawDn=duperb-shop.ngontinh24.com&requrl_dn=duperb-shop.ngontinh24.com&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fduperb-shop.ngontinh24.com&cliIPV6=2001%3A0550%3A1d05%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=FL&ct=miami&zip=33186&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-77cb9c4859-lxsgj.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=9009&sckfl=1&suid=CAESEMdXEGDLFymemVx6v3Iw1IY&sckfl2=0&smbrid=adx-unknown&cxtSgmt=long_tail_homepage_catchall&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm6O2g32deSeiS3Ul_qvXZqXrDQBcCdn6WgEav4j1GV264jmn26oX8oYzU5xwPgMAjJ7&pexid=ADX-pub-3944954862316283&geoll=false&is_ortb=false&commit_id=6232c897&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2024-01-03+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&header_lang=false&rtttime=54&req_tid_present=false&pvid=460&prvAccId=704594816&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=839288643&prspt=headerBid&prvReqId=248672988028419_855372565_8392886434601&size=300x250&chnl=smm_migration_test&bdp=0.190&bid_uuid=234d19ca5277dc7e21aeccf44eedb3f7&cbdp=0.14&og_cbdp=0.190&ogbdp=0.19&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.14&dsrc=-2&dp=0&dbf=1&epc=704594816&s=1&snm=SUCCESS&pcrid=8CU7Q771E-704594816-1-17&tpbTkn=false&exid=218&bidflr=0.110&pbidflr=0.110&opbidflr=0.110&spbf=0&viewability=92&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1704358592293&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.19&dmm_erpm=false&dmm_ogerpm=false&bcrid=1700080807683300300025000059500&strg=smm_migration_test&vls=0&scrid=1700080807683300300025000059500&mang=1&pvdTmax=238&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=250x250%7C300x250&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsWhitelistBucket=0&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_bsWhitelistAlgo=0&mx_gpid_sent=false&mx_commit_id=b29c8b4d64&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23ctx_canonical_exp%3Atrue%23%23NedCkflWithData%3ADEFAULT%23%23BF_store%3AGCS%23%23launchexp%3Atoken2%23%23bsNed%3AvalidBid%23%23prll_req%3Atrue%23%23NedCkfl%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&mx_isNed=1&acid=5bacfc6154739f42b8056515713bf971&rtime=29.0&wsip=mowx-lite-78f788cb9b-zm72p&ltime=35.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0&adblk=4276375253&impId=1&reftime=0&reftype=0&sticky=true%7Cfalse%7Cfalse&psrc=fail&mowxReqId=5bacfc6154739f42b8056515713bf971_1&policy_enf=2&pub_blk_enf=1&req_size=300x250%7C250x250&renderer=1&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=6&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&feedback_id=z-Lo-HaKC-wEc2LkvQTZLA_1&supplyTagId=4276375253&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&mp_seg%3C%3E=100273&debug_ts=2024-01-04+08%3A56%3A32&__expireat=1704359192545&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.190&lo_cbdp=0.14&actltime=36&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.19~dom_b%3D0.53~scd%3Dfl~rae%3D0%2C0~dom_l%3D20~vl2r_sd%3D2024010313~iurl_b%3D730.01~url_tkc%3D0~url_r2a_b%3D0~std%3D4276375253~mn_beh_boost%3D0.85~rat%3D0.000%2C0~ip%3DYodHkpfn9ykifa4PYmsEM~fbb%3D15~bh_im%3D50~riipua%3D107%2C107~rc%3D1~risuid%3D0%2C0~rps_sd%3D2024010314~radv%3D0.000%2C0~url_b%3D1.28~vl2r_url_b%3D0~smm_wr%3D19.5245~url_l%3D10~slv%3D22.88~gcat%3D-1~bb%3D196~smm_mul%3D0.74~erpm%3D0.19~vl2r_url_kc%3D0E0~psi_c%3D22%2C14%2C0%2C0%2C0%2C0%2C0%2C0~bm%3D1~psi_d%3D1187~rke%3D0%2C0~a3p_b%3D3.49%2C78.85~sd%3D1~uid%3D2IaGiy3O72mvbtCIrj~cvl2r_b%3D2.28~btd%3D6719302845123120583702404910895373864595872758810217855265716084894051795260341120605988851285283573760~uim%3D0~rkt%3D0.000%2C0~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~kb_dl%3Dn%2Fa~uiw%3D-1~ce%3D0~rcv%3D41.06~CI%3D3079~kb_uc%3D0~nts%3D2~kb_ul%3Dn%2Fa~kb_ccks%3D0~ct%3Dmiami~bss_KTW%3DNA%2CNA~basis2%3D196~bdt%3D1704358592~basis1%3D196~kb_tt%3D0~bh_sd%3D2024010201~dc%3D8~vl2r_b%3D3.14~tt%3D1187~vw_exc%3D0.92~smm_bid%3D0.14~vis_sd%3D87~url_rps_b%3D8.64~bh_co%3D0~sobj%3D0.07~dc2%3D1~v_asn%3D9009~MP%3D.*shop.*~last%3D~cvog%3D2.28~vis_url_b%3D0.78~vl2r_i_sd%3D2024010313~vis_url_l%3D30~et%3D20~vl2r_i_b%3D0.02~vis_b%3D778.58~vl2r_url_vi%3D1E-16~url_tvi%3D0~vv%3D0~cvl2r_sd%3D85~rfv%3D41.06~l2r_b%3D1000~smm_sd%3D2024010403~radp%3D0.000%2C0~sid%3D704594816~url_rps_kc%3D0~kb_src%3Dkbb~vwu%3D0.92~d2p_l%3D10~cvl2%3D2.28~3pcf%3D1000.23~og_msh%3D0.19~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.98~rps_b%3D78.85~url_srps_b%3D8.64~rkwp%3D0.000%2C0~MP2%3D.*shop.*~rkwd%3D0.000%2C0~isRef%3D0~PF%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.14~kb_pt%3DHomepage~url_rps_rv%3D0~cbdp%3D0.140%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D4276375253%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.92%7Epos%3D6%7Eac_type%3D1%7Eadblk%3D4276375253%7Eamp%3D1%7Eogbid%3D0.190%7Ebflr%3D0.110%7Esuid%3DCAESEMdXEGDLFymemVx6v3Iw1IY%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Dsmm_migration_test%7Ebdpcapd%3D0%7Edalg%3Dsmm%7Esgmt%3Dlong_tail_homepage_catchall%7Esobp%3D%7Exid%3DADX-pub-3944954862316283%7Ehtml%3D1%7Esmm_api%3Dv1~ibc%3D1~nsz%3D2~tgs%3D250x250%7C300x250~bsb%3D0~bsp%3D0~tmx%3D238&utime=1684&sf=0&cpr=0.7448609165158309
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 04 Jan 2024 08:56:34 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2B5D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
68989
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 13:46:45 GMT
etag
48472445140208031
expires
Thu, 04 Jan 2024 13:46:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2A02 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1f88a63f927b09acc5653332a4e478799d790f26d286a95bbe9056a2dd85bc7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
v3
id5-sync.com/gm/ 		698 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
039b67ff4c7c1acb8f40e3cb58ccb5fb57282649dde3e1e5db2530b0c79be0fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6831 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
68989
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 13:46:45 GMT
etag
48472445140208031
expires
Thu, 04 Jan 2024 13:46:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3D46 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7bd2244b53c02cbe507dbc9c546eb3e3e0e450c0455804a33f694162a9b1955

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2772 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6afa771f109b9956fcef1a03be4ee44ba97dbac7c943c7f9a539dc3e0e9a2f70

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
ecm3
s.amazon-adsystem.com/ Frame 4DBF
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LQYZ3LUL-20-86GL
  • https://s.amazon-adsystem.com/ecm3?id=LQYZ3LUL-20-86GL&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQYZ3LUL-20-86GL&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A08TPMYKSGV1D5C1VER5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQYZ3LUL-20-86GL&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
truncated
/ Frame D4B8 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b31c7f681afad276260ddf3c822343ecfce5569fc90fee3d6c45a9a75c02608f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/ Frame 54DF 		24 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6036f549339e4770f5953209733cae0fe1e6493a28f39b6f72306b1716ed7d56
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
14147
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4210
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 05:00:47 GMT
expires
Fri, 03 Jan 2025 05:00:47 GMT
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
cksync
cs.media.net/ Frame A983
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3MzYwMTkzMTUyMzY4ODAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMrblUvQi8LnAtqFy6etmMU&google_cver=1
57 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMrblUvQi8LnAtqFy6etmMU&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Thu, 04 Jan 2024 08:56:34 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMrblUvQi8LnAtqFy6etmMU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3D46 		0
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulup-VwrM8YwSxxGogXxXFACE7KKncoB_WSNFGLccEAHe-RnnrOuDi8RvI6XLngkRCoNLUYAA5EX6eUGETURZtdSecPAyqTEBr_3N5Fd6Sl4Pui0aDPA9nugFZvlXZj8rHVVTYm8DvDmdefcjOy3Mp-TiJatvhrr2WVkOwjOBKeXDQEF0ZFGwmJelPMGNVCjwUmpdVYPa6S_ZAyLRhhqJXPmLdZZh9lVYqyNNs6jz57cNl20bELDjXopTQIwQqHALHM4oSvfZbi8ZVXtt9qcYwTdw3_NDdm05WSF4ehxP5ITy5rP7FTf5KIJPos2nU_jpsU5Jw7h31P-XnJ9Y3WJA4M9tWW_aZtNrnG0T1742n9Fouq6PWEt3631M1g5mi967xJ6vQxJAgL_JMeUCWblc_Injv_Y4AbjfjTzwr22Nm7pzIFRmz4Hl9YhURCTDA7oH2OVpdknP-UEwFcIOmccQkezOgup2ToLTVcJ43FsLNd_Ca1XfQBWRY-OYwe2q5yYlsC-CRrWxIRQqT0rRLunJ9Z-GK7reTwwPmnzS-WVKyR5ZNQdMGS2YWS9pIfZ_DPoQ7ZolZpaNxpJaM-MFwn21KkQLazZWlIQeBOla4-8w8xX42RZlfdY7dUC8GlrXm8T94NVpO7DPvPl2ArP2XG6eMwkS66tiKTp6uNH1agW21RvwRC9pHkTAj65RJhr83-0gQ5R53N1hBuQsoqctiDq6PrQi44jvvFLcU5k_YXz8HQaIrCemJBhvj95jA-HkYP60ssTF3bZmNJYKpGp34nog6ECRSfizbk7QG9Ksa6dw8siujFk3sLenxYccE2u2FL8P66ec712JZVfGx7LqQVOo4sgPqQb-Mh-WNV_wCy_ou8MXVbqiEcRLt5eifSD28lQfcqIplpa2UNRW5483gJsHwpJgbCS-M8yDl-cY3GHvSQ1QTyj4TCrSXmPcNQEoT8LoV7wrXJSDy9-WuMmm4Ce2D0iBkj6uWEmMjmJePTZ16rptnt3S2wl-sRr0QiRQxLEkQ4O_FnGEkwBXbgOACiTrdWlYMPajYoQ2txvDDfMR6L_TmZvMJguA8SFI495lGRoxrLzYfm6TJcDsrU2mKTMrnsmS7uKP2uCy_c1AoR419pYVdLM_nc_GBejtGRq_NsAk2TTlw7AD0QDsnHaZAEZ14NIhxG9_WGLAnfYpZUcXJVgxDmAljwxpQkhWWd_tfzNYyfWmYR-8PUkHBTfWvSgXXnZ_c8TeGxvZH43Mwjwh6CwCLEM7RLZJGj4M1J8HYE2NnUTcWBFx2ncazurGAGTFBVtFIHJlbE798L09aOIhwsh_l2GY&sai=AMfl-YRIb6VcrJXm44NsDNbUQMs2D1nfcd5yo_OyalSnLVXuDCEOqlkP--e6BcGTJkxeKkrfVKReA2ar6rtqOW89AHcWpa-J8KK_lTuQvBadSOAWkLx48oGqk1D4vhGEYEgxtIAHx3QuzStUI2tWcXGbOK6hKnCj3CsvcJD4sevSI4zS4hQhrFKERgNg-iFjqwNcDPwfUwcflkdxncW4QiTWyZxCiOK7-7HeEeicBCzBRWspZbQPxySOFZO-JnfzXyau-yknW0EYauZwCbnuqR63w2tpUGNqDGlippc5lzfrubxAqOR41QmwKiUotlKnh9AQQKKz9c7eRFbggNERhyBiSgnItwXl3Yaz2ZVdoF-t_ykmcQM2ODQv9AJ1NoJ8y6jA-75hrtrx3zJIZsdYk-zCDq5fxJBm&sig=Cg0ArKJSzEdEvQfKTAfzEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&cbvp=2&adurl=
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 04 Jan 2024 08:56:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cksync
cs.media.net/ Frame 9DA0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3MzYwMTkzMTUyMzY4ODAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMrblUvQi8LnAtqFy6etmMU&google_cver=1
57 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMrblUvQi8LnAtqFy6etmMU&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Thu, 04 Jan 2024 08:56:34 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMrblUvQi8LnAtqFy6etmMU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 10CD 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 10CD 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 10CD 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 10CD 		15 B
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6017&&vgd_canary=0&vgd_l2type=scs_newfl&fp=cSh-Tk4KkE4GXFl85PCwFpjPZ4ALdcSTDKutKvOvZ1M__4amuAL0rl0EUtBi981m5dXuH_0aluQCX8kDYFZHP6a-vGl7S5wOGkSVZGBDuMO2l8ULLZUkTB1C-Hn-UC8D_zTRnco4KTeY7I1YkyAdGnPzuG_zkD3U&cme=LAB-EEs8vzNEHwGBIj9RRp-6l7ND3ten40tAyUteqtcpB2nVqJ5tYsYOy1ZVO-UER9zZNUvKf23ZLj876aIro-8qoXQS9I8DS_1quiRNjJRQVAEwp2UaCoUjRaY-igMblBvklqMqoaabQHmEyc1vkAQNCQLOFhzFNjnJ1Uaefiur7shZ4YWS_Wvbo6X3YjQpcvcboKGPh0OHpUNFSrb-hZQ_0yuSm2Amp51RGymWVLVZdJlbLrwEBw%3D%3D%7C%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CTWVQnUfc1MsK8a0JenOFi27NIAHFZtafs2Fy90snGabIZHWuynQfUVn_BmyxkAGamamUiZY_Njl4DOhAYPzwDY9Qn-eEEh31YfbNtPopWFIGk6vqyWefXRhpoDbhb6v9XnMXtrnc4raVCpsIBhFl83tyNGnIJ3AWH9zJGbVri62_gUujzPwj0EW6RifU_2DiyAj_89dsTd0BHGpsal7yazBuSMv-1B6hUXkS8IjNZZfiAWFY0TpyE5qyzQqmUgJn8S79Yfq5q6YtKYvMCEUXlqBMqD8kGypZmmkJ_8zfAvg%3D%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CUFJJWZ1lEVdklaUp4Q9x5TG45h_4b8t5%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7Ca0AmFUYXmD5Y3t1bvkxnzszWozAYsvwt79WwhPpkkCjEF1p0nFCu6HdwP-qCZOiX%7C&subBdr=196&bdrid=460&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Best+Dentists+Near+Me&kwt[]=391&kbc[]=1262292604&kwp[]=1&kid[]=324977595&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D010208%7C13%3D0.0577%7C14%3D010320%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.375%7C1%3D0.51%7C2%3D1.99&ktd[]=4503874522251520&kwd[]=Walgreens+Weekly+Sale&kwt[]=267&kbc[]=153975&kwp[]=2&kid[]=180429770&kbc2[]=3%3D0.12%7C4%3D3.12%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D010208%7C13%3D0.0484%7C14%3D010320%7Cokt%3D267%7Cbdkt%3D267%7Cps%3D0.631%7C1%3D0.61%7C2%3D1.17&ktd[]=18014673404297472&kwd[]=No.1+Stock+to+Buy+Now&kwt[]=391&kbc[]=1262292604&kwp[]=3&kid[]=324947967&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D010208%7C13%3D0.0571%7C14%3D010320%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.375%7C1%3D1.18%7C2%3D3.60&ktd[]=4503874522251520&kwd[]=Stocks+to+Invest+In&kwt[]=391&kbc[]=1262292604&kwp[]=4&kid[]=27190006&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D010208%7C13%3D0.0605%7C14%3D010320%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.375%7C1%3D0.77%7C2%3D4.33&ktd[]=274911658240&v=1&geo=40.8%7C-73.97&dlper=20&lper=100&lpid=&tsid=4&hint=&cc=US&wsip=170774532&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22Y81Y8%22%2C%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22sT%22%7D&cid=8CU7Q771E&vi=1704358593807455882&vsid=3473601931523697&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0110&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=0&vgd_tsce=L368-S368&vgd_imdtl=1&vgd_l3_sc=FL&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3001ca6a&vgd_nrrsf=scrr&vgd_cty=new+york&vgd_ifrmode=14&sttm=1704358593765&upk=1704358594.989&hvsid=00001704358593765006462152365617&verid=3111299&sbdrId=196&tsrc=entity&kafm_ull_cache=00&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_mspa=0&vgd_l1rakh=1704358593176655740&vgd_ecrid=1700080807683300728009000059500&vgd_mspad=a&vgd_isiolc=1&kbbq=%26asn%3D9009&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=76592&vgd_vstrid=3473601931523697&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.fh~OmYMGv9.XA~QNOvkj~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9u9AuA~8xLjMGvhA9.9u~xLjM7UNv9~xLjMLf1MGv9~Q7OvWiuFHWXX9~YzMGJwMGmmQ7v9.WX~L17v9.999%2C9~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGvuX~GwM8YvX9~L88Ex1vu9h%2Cu9h~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fH9u9AuH~L1Oev9.999%2C9~xLjMGvu.Ah~ejfLMxLjMGv9~QYYMBLvfX.uuXi~xLjMjvu9~Qjevff.WW~yN17vou~GGvuiF~QYYMYxjv9.hF~JLEYv9.fh~ejfLMxLjMUNv949~EQ8MNvff%2CuH%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvuuWh~LUJv9%2C9~1AEMGvX.iA%2ChX.Hi~QOvu~x8OvfV1Zw38W7%3DA54NeGYp~NejfLMGvu.Fh~G7OvFhuiA9fWHXufAuuFF9XuuFXuAFAfF9ffH99XuFFA9iih9HAWuHAiW9F9hWiFWHfWhfFAAuufihXufu9uuFuuFAfXHhuiFuWXuWWhFuF~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iX~QQvIK~NNvPb~UGMOjvzS1~x8Bvou~NJv9~LNevHu.9F~%3DVvA9hi~UGMxNv9~z7Qvu~UGMxjvzS1~UGMNNUQv9~N7vY81Y8~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9HAXWXif~G1Q8QuvuiF~UGM77v9~GwMQOvf9fH9u9f9u~ONvW~ejfLMGvX.AH~77vuuWh~eBMJ-Nv9.W~e8QMQOvWh~xLjMLEQMGvW.FH~GwMNmv9~ONfvu~eM1Qzvi99i~c0v.*QwmE.*~j1Q7v~Nemyvu.Fh~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9u9AuA~e8QMxLjMjv9~J7vuW~ejfLM8MGv9.9f~e8QMGvFhH.WH~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvWX~LkevHu.9F~jfLMGvu999~BLMGvf.iu%2C9~QYYMQOvf9fH9u9H9A~L1OEv9.999%2C9~Q8OvXAFFWWXHH~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.W~OfEMjvu9~Nejfvu.Fh~AENkviii.WX~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iX~LEQMGvhX.Hi~xLjMQLEQMGvW.FH~LUBEv9.999%2C9~c0fv.*QwmE.*~LUBOv9.999%2C9~8QDJkv9~0sv9~8Q8kv9~xLjMLENMGv9~G8Ov9.fu~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.fu9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvWiuFHWXX9~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.W~EmQvF~1NM75EJvu~1OGjUvWiuFHWXX9~1YEvu~myG8Ov9.fh9~GkjLv9.9X9~Qx8Ov%3DK4b4TWmRt53H2U5YdH14a9q4cV~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGoAiHHiXHWFfAuFfWA~w7Yjvu~QYYM1E8veu~8GNvu~zQlvu~7yQvhfW-i9~GQGv9~GQEv9~7Y-vfHF&vgd_cfud=230323&vgd_scsver=309&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=528&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1141&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=500&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90&vgd_uspa=0&vgd_sc=FL&vgd_l1rhst=contextual.media.net&hvsid=00001704358593765006462152365617&rc=0&rand=1704358594331&acid=2ccea5b985facf04b78eacc7e71640e9&matm=1704358594331&vgd_ltimesrc=1&vgd_ltime=1281&vgd_rtime=1280&vgd_etm=12&vgd_l1hcsd=Otp9r%7C23&vgd_tcf_cmp=1&vgda_l1btm=%5B%22SPAMPXL%22%5D&vgd_l1ch=1&vgd_lhl=6411&vgd_pgid=p11752618742t202401040856&vgd_csip=rtb-appnexus-77cb9c4859-sbqv9.SC&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SF%7C168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com&vgd_eadm=1&vgd_matchstr=hr%3D0%7Cbcat%3D44%2C11%2Ca%2C12%2C16g%2Cpr%2C6z%2Cg%2Ch%2Cgo%2Ci2%2C16t%2C16u%2C146%2Cod%2Cc9%2C9%2Chb%2Cy5%2C16c%2C97%7Ccsh%3D1&vgd_end=2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3027&&kkdd=nH%7CW%7C9Hnuh3*A&44=c.&111=TDw99ffEbQzBmvu1T!.lyEb.UEVHj_pe5emZmhzP-WIdgdBuasJ-boUf13ptp-jVCKdPJ82kz_cBslEs88y1s1_864preKKK&423=jj)j&3z=jdD)sYPYosPDd)YYPPx&h2vb=D&1GvK=D&5G4f=*swP&4z2=PecdHddjZ&4v42=H4VhCBXam(ZX6jmmqbb(4U%3D%3D&4bz2=YswwPPY))&GzFf=dxPBoD&G4=J*&4RE1=G11m1zhbK5zCEm5fG5&vz2=PygwdnWs.&5vz2=rjZswwP&R55vG=j&bbb=5FnqR*49q*PIswCVTrPY-*s)_98bNCoKQNDDcaJsEmmMmTbqy*hfG-%3D%3D&EGf=Y&9U=j&ah2=)&K25j=Pecco(JP8&K25x=PsoxPPw)s&l2K5K=G2x%3DEa997zab9m9%3DjD7Chfbv1%3DDAxd72C1ml%3DDAYs7G42%3DS97bKf%3DD%2CD72C1m9%3DxD739xbmG2%3DxDx)DjDsjs7zab9ml%3DdsDADj7ab9m5u4%3DD7ab9mbxKml%3DD7G52%3DPojw)PYYD71EmlfRmlCCG5%3DDAPY7bK5%3DDADDD%2CD7zv%3DWC28uvSEo6uzSK)yW1GZ~7Sll%3DjY7lRmz1%3DYD7bzzvaK%3DjDd%2CjDd7b4%3Dj7bzGaz2%3DD%2CD7bvGmG2%3DxDx)DjDsj)7bK23%3DDADDD%2CD7ab9ml%3DjAsd739xbmab9ml%3DD7G11mUb%3DxYAjjYo7ab9m9%3DjD7G93%3DxxAPP7h4K5%3Dqj7ll%3Djow7G11m1a9%3DDAdw7fbv1%3DDAxd739xbmab9mu4%3DDZD7vGzm4%3Dxx%2Cj)%2CD%2CD%2CD%2CD%2CD%2CD7l1%3Dj7vGzm2%3DjjPd7buf%3DD%2CD7Ksvml%3DYAos%2CdYA)o7G2%3Dj7az2%3Dx_KIRWzP5es6Z43l1N7439xbml%3DjAwd7l52%3DwdjosDxP)YjxsjjwwDYjjwYjswsxwDxx)DDYjwwsDoodD)sPj)soPDwDdPowP)xPdxwssjjxodYjxjDjjwjjwsxY)djowjPYjPPdwjw7az1%3DD7bu5%3DDADDD%2CD7Ch2xvml%3DDAoY7GG%3Dk-744%3Dc.7ulm29%3DE%2FK7azU%3Dqj74f%3DD7b43%3D)jADw7e_%3DsDdo7ulma4%3DD7E5G%3Dj7ulma9%3DE%2FK7ulm44uG%3DD745%3D1zK1z7lGGmMrN%3Dk-%2Ck-7lKGzGx%3Djow7l25%3DjdD)sYPYox7lKGzGj%3Djow7ulm55%3DD7lRmG2%3DxDx)DjDxDj724%3DP739xbml%3DYAs)755%3DjjPd73UmfB4%3DDAP73zGmG2%3DPd7ab9mbvGml%3DPAw)7lRm4C%3DD724x%3Dj73mKGE%3DoDDo7~y%3DAiGRCvAi79KG5%3D743Ch%3DjAwd73zGmab9ml%3DDAYw739xbmzmG2%3DxDx)DjDsjs73zGmab9m9%3DD7f5%3DjP739xbmzml%3DDADx73zGml%3Dwd)AP)739xbmab9m3z%3DjZqjw7ab9m53z%3DD733%3DD7439xbmG2%3DPY7bS3%3D)jADw79xbml%3DjDDD7Ubml%3DxAoj%2CD7G11mG2%3DxDx)DjD)Ds7bK2v%3DDADDD%2CD7Gz2%3DYswwPPY))7ab9mbvGmu4%3DD7ulmGb4%3Dull73Ua%3DDAP72xvm9%3DjD7439x%3DjAwd7sv4S%3DoooAPY7211mG5bh%3DG11m1zhbK5zCEm5fG572xvml%3DDAoY7bvGml%3DdYA)o7ab9mGbvGml%3DPAw)7buUv%3DDADDD%2CD7~yx%3DAiGRCvAi7buU2%3DDADDD%2CD7zGnfS%3DD7yJ%3DD7zGzS%3DD7ab9mbv4ml%3DD7lz2%3DDAxj7ulmv5%3D8C1fvKhf7ab9mbvGmb3%3DD74l2v%3DDAxjD7G2%3Dj7z56vfmz2%3Djd7Gf99fbm5Khmz2%3DPojw)PYYD7Gavv96m5Khmz2%3D72f5f45f2m5Khmz2%3D73zfUKlz9z56%3DDAP7vCG%3Dw7K4m56vf%3Dj7K2l9u%3DPojw)PYYD7K1v%3Dj7Chlz2%3DDAxdD7lS9b%3DDADYD7Gaz2%3De-Z.Z*PCXQ6W)tu61T)KZgD8Z~_7254%3DfKG5mG47211mfbv1%3DSK9Gf7211%3DG11m1zhbK5zCEm5fG57l2v4Kv2%3DD72K9h%3DG117Gh15%3D9CEhm5Kz9mRC1fvKhfm4K54RK997GClv%3D7Bz2%3D-pQqvalqso))oY)PwxsjwxPs7R519%3Dj7G11mKvz%3D3j7zl4%3Dj7EGF%3Dj75hG%3DdxPBoD7lGl%3DD7lGv%3DD751B%3Dx)w&E53=D&zU=dxP&zE_Sb=j&l2b_2=)wD&lz2=s)oDw)&14S=dwYox&62Gvb=j&lKf=XBfk%2FFVFKh7XBfk%2FFKXKh7)ff&uK5vbf=j&uK5lz2=qjDx&4K2C1KzE=5FnqR*49q*q8.Rk)xqaaS2EYgQRxzeDkwV2sx6)_.4T!g8Tmu6TCFh%3D%3D&6v9v=j&zGz2=Y&K23=_E3fG5Cb%20JC4aG&GG14bm3fb=Y&vhz2=vjjdYxwjPd)x5xDx)DjD)DPYw&GG92=%7B%22GGzv%22%3A%22xDDj%3ADYYD%3Aj2DY%3ADDDD%3ADDDD%3ADDDD%3ADDDD%3ADDDD%22%2C%22GG44%22%3A%22c.%22%2C%22GGG4%22%3A%22J*%22%2C%22GG456%22%3A%221zK1z%22%7D&R519Gb4=j&sflct=3761804&54Sm41v=j&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 04 Jan 2024 08:56:34 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
15
expires
Thu, 04 Jan 2024 08:56:34 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4DBF 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MFF8SHZXPZ51NXE4029X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4DBF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFZWjNMVUwtMjAtODZHTA==&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEOmNmde3y-kEaiYCgWR_jyE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFZWjNMVUwtMjAtODZHTA==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFZWjNMVUwtMjAtODZHTA==&google_push=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFZWjNMVUwtMjAtODZHTA==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 4DBF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/jOc7CYyQx8AmeVwdzaiGoMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-64cFouFE2oIQEXDBJnomkXJR9SvGw2pvImletg--~A
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-64cFouFE2oIQEXDBJnomkXJR9SvGw2pvImletg--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-64cFouFE2oIQEXDBJnomkXJR9SvGw2pvImletg--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 4DBF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQYZ3LUL-20-86GL&gdpr=0
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQYZ3LUL-20-86GL&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: A767AEDFB9664BD5A681CFFDC8834E35 Ref B: MIAEDGE2316 Ref C: 2024-01-04T08:56:34Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOGuiaWKi3ENHv185jkg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQYZ3LUL-20-86GL&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4DBF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHFM_mNuhylTRuaGK2gViEM&google_cver=1
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHFM_mNuhylTRuaGK2gViEM&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
eea754ae2ea80a3b4eb2fcf35349058a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHFM_mNuhylTRuaGK2gViEM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 4DBF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=LQYZ3LUL-20-86GL&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQYZ3LUL-20-86GL&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W1CP0XRFBSRX0P4JVS37
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQYZ3LUL-20-86GL&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
eea754ae2ea80a3b4eb2fcf35349058a
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4DBF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTY5ODE2N2Y4NjExNGQ3YzJhOTU4OWUxZmVlNjI0MzFkYTM4NWU2OA&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTY5ODE2N2Y4NjExNGQ3YzJhOTU4OWUxZmVlNjI0MzFkYTM4NWU2OA&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTY5ODE2N2Y4NjExNGQ3YzJhOTU4OWUxZmVlNjI0MzFkYTM4NWU2OA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4DBF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=&expires=30
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=&expires=30
date
Thu, 04 Jan 2024 08:56:34 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame 4DBF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=i-6t6AA8RQ26_ZRyHelWBA&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=i-6t6AA8RQ26_ZRyHelWBA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=i-6t6AA8RQ26_ZRyHelWBA&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
99T6936YAC880DKYKRDP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=i-6t6AA8RQ26_ZRyHelWBA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cdd55fb02049ca8b9389527f6c1a1194
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4DBF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEjgU7LLOYAABZ9wfisGQ&expires=30&gdpr=0
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEjgU7LLOYAABZ9wfisGQ&expires=30&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEjgU7LLOYAABZ9wfisGQ&expires=30&gdpr=0
Date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/ Frame 4DBF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
  • https://prebid.a-mo.net/setuid/magnite?uid=LQYZ3LUL-20-86GL&gdpr=0
0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQYZ3LUL-20-86GL&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQYZ3LUL-20-86GL&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 4DBF
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f&expires=30&gdpr=0
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f&expires=30&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f&expires=30&gdpr=0
Date
Thu, 04 Jan 2024 08:56:34 GMT
Connection
keep-alive
X-CI-RTID
3cbb763e-e4b5-48eb-ae17-72e10b3f4143
Content-Length
155
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame 4DBF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQYZ3LUL-20-86GL&gdpr=0
68 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQYZ3LUL-20-86GL&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
107.23.135.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-135-200.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQYZ3LUL-20-86GL&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
44e748b6247b033344ab4f6b8c0f8cbb
Expires
0
merge
ce.lijit.com/ Frame 4DBF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LQYZ3LUL-20-86GL&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LQYZ3LUL-20-86GL&gdpr=0&dnr=1
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQYZ3LUL-20-86GL&gdpr=0&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
23.92.190.69 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:35 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:34 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LQYZ3LUL-20-86GL&gdpr=0&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 4DBF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQYZ3LUL-20-86GL&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQYZ3LUL-20-86GL
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQYZ3LUL-20-86GL&ckls=true&ci=smbYB4P6Wt&nc=false&trid=-1470291295
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQYZ3LUL-20-86GL&ckls=true&ci=smbYB4P6Wt&nc=false&trid=-1470291295
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
54.192.51.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-9.yul62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 144825e0e5f4523d1f7ce8c9b62cd908.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
HXfuEwCwad_kI4vCj9ViTi-z9p_mdvwhqvm4g6Ds85kKUtDb8rLNAA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 0fb05a472bd2fcfe266ed8a7a987ab1e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQYZ3LUL-20-86GL&ckls=true&ci=smbYB4P6Wt&nc=false&trid=-1470291295
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
A2GXoYZYp23194GekfL6n844zwRBigQKg_SqlxC9Ugc1fLLdtFk7MQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync
hb.yahoo.net/ Frame 4DBF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQYZ3LUL-20-86GL&redir=true&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQYZ3LUL-20-86GL&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS12NzFzLlBORTJ1SDEzeG1KVjJldVFhSkFXWW5hWExvVn5B&gdpr=0&ovsid=LQYZ3LUL-20-86GL&dpid=58160
57 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS12NzFzLlBORTJ1SDEzeG1KVjJldVFhSkFXWW5hWExvVn5B&gdpr=0&ovsid=LQYZ3LUL-20-86GL&dpid=58160
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
23.40.207.64 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-207-64.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 04 Jan 2024 08:56:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Thu, 04 Jan 2024 08:56:35 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS12NzFzLlBORTJ1SDEzeG1KVjJldVFhSkFXWW5hWExvVn5B&gdpr=0&ovsid=LQYZ3LUL-20-86GL&dpid=58160
date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CE5C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
68989
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 13:46:45 GMT
etag
48472445140208031
expires
Thu, 04 Jan 2024 13:46:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B803 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c60656ed5e0238af833debaf17aa2fa81b2e0b1cc5389318dbfb916abd94b77c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
AGSKWxXW_wmn8psJsuGgQbRYUgyeWKJ942YfLXQI50J3CN_3RqS7slk4mwfZj2_hth0c5PpaaDxxi7o1x9xSjxQ8OZRBgPPRbHDEJcBfT268rGQ3D8vdebl8YfPzI039o0Ym3eIeXB8bbQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXW_wmn8psJsuGgQbRYUgyeWKJ942YfLXQI50J3CN_3RqS7slk4mwfZj2_hth0c5PpaaDxxi7o1x9xSjxQ8OZRBgPPRbHDEJcBfT268rGQ3D8vdebl8YfPzI039o0Ym3eIeXB8bbQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/am=wA/d=1/rs=AJlcJMyiHPCAyLFmNsmEoAFl7FGwL5Wu8Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9S28R9cnX7UOJ1aa6Sr4Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-9S28R9cnX7UOJ1aa6Sr4Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 38FD 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 38FD 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 38FD 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 38FD 		15 B
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6332&&vgd_canary=0&vgd_l2type=scs_newfl&fp=7K5qaXKeBs3NWvgni6vwK1kqINsCpkaI86AGFiEtiTq6SD3Fqwn4iAzgOKz7Ld9zOLW9wVIwguEyU9Nn2T-tRQsGbODgeT_aRBu_2Eca9DmFCPOQ_MaHx5f_V9PEVclrjBX2d3MNqTFbDVz2hGE4_JDzJnBgX6cD&cme=MyeKLX2dQ-qEL9mNSn89Cal6GwyCSC520vJk7uUirEcwH0-EROz1YbtVTsbt3ff_eu3qHkbNsUMnbn-h1J4KTsSWcW5PiHTUtLZmibDhaFUk8B9gwmLhHVye8Dgh3UFpUrcBqYHMMVClUBhqnEdaynQB0FT1vjqNRu-GdeDEkkCupx_puIQQEglgAVW1v8qSPzk_CffZ7LQJqVqKoggluS9Ol1098kPYqdNE_ZHEahFRfXnmm0LnWA%3D%3D%7C%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CUFJJWZ1lEVdklaUp4Q9x5TG45h_4b8t5%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7Ca0AmFUYXmD5Y3t1bvkxnzszWozAYsvwt79WwhPpkkCjEF1p0nFCu6HdwP-qCZOiX%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CK8t3-KtETqwjqfFZulbC27NfW5M52rHBaIPiJAVsTaGS3FEwgSDD0hK1LMG7JVgE8mlAvSBNRIfB4KKa48VuA1PXpg1_5iX8_77fG1QIktGOQOKzt8vA-kL1huxaOrehj2zGhVmS_JKWiGbFAmEbQeH_wi2oEf4aLpNuUsEUVUrkgMmSvmDmqMgLRHBxKPwNg7EuB0JlWhFBzaO3MPyT4HB9KY6O3JvkMBHH8r7_flhi-683DhppzEvTErmX2iA5WaasNYPv34kklWFkwdnmXo_kRy7y35ZYX8GbsWN6FpQ%3D%7C&subBdr=196&bdrid=460&ksu=224&fdkt=267&vgde_kbbh=ffoyxQJuO&kwd[]=Walgreens+Weekly+Sale&kwt[]=267&kbc[]=153975&kwp[]=1&kid[]=180429770&kbc2[]=3%3D0.12%7C4%3D3.12%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D010208%7C13%3D0.0522%7C14%3D010320%7Cokt%3D267%7Cbdkt%3D267%7Cps%3D0.631%7C1%3D0.61%7C2%3D1.17&ktd[]=18014673404297472&kwd[]=Bank+Owned+Cars+for+Sale&kwt[]=391&kbc[]=1262292604&kwp[]=2&kid[]=299487099&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D010208%7C13%3D0.0652%7C14%3D010320%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.375%7C1%3D0.96%7C2%3D5.69&ktd[]=274911658240&kwd[]=%2430+an+Hour+No+Experience+Jobs&kwt[]=391&kbc[]=1262292604&kwp[]=3&kid[]=350784374&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D010208%7C13%3D0.1291%7C14%3D010320%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.375%7C1%3D0.37%7C2%3D1.45&ktd[]=274894881024&kwd[]=Quick+Personal+Loans&kwt[]=391&kbc[]=1262292604&kwp[]=4&kid[]=23633332&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D010208%7C13%3D0.1302%7C14%3D010320%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.375%7C1%3D0.97%7C2%3D4.57&ktd[]=274911658240&kwd[]=Rental+Homes+by+Owner&kwt[]=391&kbc[]=1262292604&kwp[]=5&kid[]=24236124&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D010208%7C13%3D0.0650%7C14%3D010320%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.375%7C1%3D0.31%7C2%3D1.31&ktd[]=274894881024&v=1&geo=40.8%7C-73.97&dlper=20&lper=100&lpid=&tsid=1&hint=&cc=US&wsip=170774532&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22Y81Y8%22%2C%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22sT%22%7D&cid=8CU7Q771E&vi=1704358593659368880&vsid=3473601931523688&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0110&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=0&vgd_tsce=L368-S368&vgd_imdtl=1&vgd_l3_sc=FL&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3000ca6a&vgd_nrrsf=scrr&vgd_cty=new+york&vgd_ifrmode=14&sttm=1704358593869&upk=1704358594.8809&hvsid=00001704358593870006462152362828&verid=3111299&sbdrId=196&tsrc=entity&kafm_ull_cache=00&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_mspa=0&vgd_l1rakh=1704358593141026708&vgd_ecrid=1700080807683300300025000059500&vgd_mspad=a&vgd_isiolc=1&kbbq=%26asn%3D9009&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=76592&vgd_vstrid=3473601931523688&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.ui~OmYMGv9.XA~QNOvkj~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9u9AuA~8xLjMGvhA9.9u~xLjM7UNv9~xLjMLf1MGv9~Q7OvHfhFAhXfXA~YzMGJwMGmmQ7v9.WX~L17v9.999%2C9~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGvuX~GwM8YvX9~L88Ex1vu9h%2Cu9h~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fH9u9AuH~L1Oev9.999%2C9~xLjMGvu.fW~ejfLMxLjMGv9~QYYMBLvui.XfHX~xLjMjvu9~Qjevff.WW~yN17vou~GGvuiF~QYYMYxjv9.hH~JLEYv9.ui~ejfLMxLjMUNv949~EQ8MNvff%2CuH%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvuuWh~LUJv9%2C9~1AEMGvA.Hi%2ChW.WX~QOvu~x8OvfV1Z85AahfYeG7%3DVLd~NejfLMGvf.fW~G7OvFhuiA9fWHXufAuf9XWAh9fH9Hiu9WiXAhAWFHXiXWhfhXWWu9fuhWXXfFXhuF9WHWiH9XuhiXfF9AHuuf9F9XiWWWXufWXfWAXhAhF9~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvzS1~x8Bvou~NJv9~LNevHu.9F~%3DVvA9hi~UGMxNv9~z7Qvf~UGMxjvzS1~UGMNNUQv9~N7vY81Y8~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9HAXWXif~G1Q8QuvuiF~UGM77v9~GwMQOvf9fH9u9f9u~ONvW~ejfLMGvA.uH~77vuuWh~eBMJ-Nv9.if~QYYMG8Ov9.uH~e8QMQOvWh~xLjMLEQMGvW.FH~GwMNmv9~QmGdv9.9h~ONfvu~eM1Qzvi99i~c0v.*QwmE.*~j1Q7v~Nemyvf.fW~e8QMxLjMGv9.hW~ejfLM8MQOvf9fH9u9AuA~e8QMxLjMjvA9~J7vf9~ejfLM8MGv9.9f~e8QMGvhhW.XW~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvWX~LkevHu.9F~jfLMGvu999~QYYMQOvf9fH9u9H9A~L1OEv9.999%2C9~Q8Ovh9HXiHWuF~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.if~OfEMjvu9~Nejfvf.fW~AENkvu999.fA~myMYQwv9.ui~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iW~LEQMGvhW.WX~xLjMQLEQMGvW.FH~LUBEv9.999%2C9~c0fv.*QwmE.*~LUBOv9.999%2C9~8QDJkv9~0sv9~8Q8kv9~xLjMLENMGv9~G8Ov9.uH~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.uH9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvHfhFAhXfXA~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.if~EmQvF~1NM75EJvu~1OGjUvHfhFAhXfXA~1YEvu~myG8Ov9.ui9~GkjLv9.uu9~Qx8Ov%3DK4b4cOt4ZrTs5YJY%2F-FeAVBuV3~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGoAiHHiXHWFfAuFfWA~w7Yjvu~QYYM1E8veu~8GNvu~zQlvf~7yQvfX9-fX9%7CA99-fX9~GQGv9~GQEv9~7Y-vfAW&vgd_cfud=230817&vgd_scsver=309&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=528&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1141&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=200&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&vgd_uspa=0&vgd_sc=FL&vgd_l1rhst=contextual.media.net&hvsid=00001704358593870006462152362828&rc=0&rand=1704358594386&acid=5bacfc6154739f42b8056515713bf971&matm=1704358594387&vgd_ltimesrc=1&vgd_ltime=917&vgd_rtime=915&vgd_etm=7&vgd_l1hcsd=Otp9r%7C23&vgd_tcf_cmp=1&vgda_l1btm=%5B%22SPAMPXL%22%5D&vgd_l1ch=1&vgd_lhl=6476&vgd_pgid=p11752618742t202401040856&vgd_csip=rtb-appnexus-77cb9c4859-lxsgj.SC&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SF%7C168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com&vgd_eadm=1&vgd_matchstr=hr%3D0%7Cbcat%3D44%2C11%2Ca%2C12%2C16g%2Cpr%2C6z%2Cg%2Ch%2Cgo%2Ci2%2C16t%2C16u%2C146%2Cod%2Cc9%2C9%2Chb%2Cy5%2C16c%2C97%7Ccsh%3D1&vgd_end=2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3072&&kkdd=*3%7CW%7Cnu9h*H3A&44=DV&Q3=vOqisuduosBuosBdddq&JYeG=q&w.eX=q&4YQ=vviv&k.4T=HsBd&43Y=dADOSOOvW&4e4Y=S4CJaR_7EIW_bvEE*GGI4!%3D%3D&4G3Y=OqiuoidvB&.3yT=sqqRxuq&.4=pH&4trw=.wwEw3JGXk3arEkT.k&e3Y=d-gBOUhsV&ke3Y=~vWsBBd&tkke.=v&GGG=kyU*tH4f*HdPsBaC5~duLHsi0fjGKaoXMKqqD7psrEEcE5G*-HJT.L%3D%3D&r.T=u&f!=v&7JY=i&XYkv=dADDoIpdj&XYkx=dsoxddBis&NYXkX=.Yx%3Dr7ff837GfEf%3Dvq8aJTGew%3Dqlvo8YawEN%3Dqlus8.4Y%3D6f8GXT%3Dq%2Cq8YawEf%3Dxq8QfxGE.Y%3Dxqxiqvqsvs837GfEN%3DOsqlqv87GfEkm4%3Dq87GfEGxXEN%3Dq8.kY%3DixOBsOuxus8wrENTtENaa.k%3Dqldu8GXk%3Dqlqqq%2Cq83e%3DhaYjme6robm36Xi-hw.WZ86NN%3Dvu8NtE3w%3Duq8G33e7X%3DvqO%2CvqO8G4%3Dv8G3.73Y%3Dq%2Cq8Ge.E.Y%3Dxqxiqvqsvi8GXYQ%3Dqlqqq%2Cq87GfEN%3Dvlxd8QfxGE7GfEN%3Dq8.wwE!G%3Dvoluxiu87GfEf%3Dvq8.fQ%3Dxxldd8J4Xk%3D*v8NN%3DvoB8.wwEw7f%3DqlOi8TGew%3Dqlvo8QfxGE7GfEm4%3DqWq8e.3E4%3Dxx%2Cvi%2Cq%2Cq%2Cq%2Cq%2Cq%2Cq8Nw%3Dv8e.3EY%3DvvdO8GmT%3Dq%2Cq8XseEN%3Dslio%2COdldu8.Y%3Dv873Y%3Dx0XP3bsgOxwQNkA0G584QfxGEN%3Dxlxd8NkY%3DBOvosqxdiuvxsvxqudsOqxiqiovqdousOsdBiuoudOxOuddvqxvOduuxBuOvBqdidoiquvOouxBqsivvxqBquoddduvxduxdsuOsOBq873w%3Dq8Gmk%3Dqlqqq%2Cq8aJYxeEN%3Dqlod8..%3D2L844%3DDV8mNEYf%3Dr%2FX873!%3D*v84T%3Dq8G4Q%3DivlqB8A0%3DsqOo8mNE74%3Dq8rk.%3Dx8mNE7f%3Dr%2FX8mNE44m.%3Dq84k%3Dw3Xw38N..Ec~K%3D2L%2C2L8NX.3.x%3DvoB8NYk%3DvOqisuduox8NX.3.v%3DvoB8mNEkk%3Dq8NtE.Y%3Dxqxiqvqxqv8Y4%3Dd8QfxGEN%3Dslvi8kk%3DvvdO8Q!ETR4%3Dqlox8.wwEN3Y%3Dqlvi8Q3.E.Y%3DdO87GfEGe.EN%3DdlBi8NtE4a%3Dq8.aN5%3DqlqO8Y4x%3Dv8QEX.r%3Doqqo8Z-%3Dl(.tael(8fX.k%3D84QaJ%3Dxlxd8Q3.E7GfEN%3DqlOd8QfxGE3E.Y%3Dxqxiqvqsvs8Q3.E7GfEf%3Dsq8Tk%3Dxq8QfxGE3EN%3Dqlqx8Q3.EN%3DOOdlud8QfxGE7GfEQ3%3DvW*vB87GfEkQ3%3Dq8QQ%3Dq84QfxGE.Y%3Ddu8G6Q%3DivlqB8fxGEN%3Dvqqq8.wwE.Y%3Dxqxiqvqiqs8GXYe%3Dqlqqq%2Cq8.3Y%3DOqiuoidvB87GfEGe.Em4%3Dq8mNE.G4%3DmNN8Q!7%3Dqlox8YxeEf%3Dvq84Qfx%3Dxlxd8se46%3Dvqqqlxs8aJEw.t%3Dqlvo8YwwE.kGJ%3D.wwEw3JGXk3arEkT.k8YxeEN%3Dqlod8Ge.EN%3DOdldu87GfE.Ge.EN%3DdlBi8Gm!e%3Dqlqqq%2Cq8Z-x%3Dl(.tael(8Gm!Y%3Dqlqqq%2Cq83.UT6%3Dq8-p%3Dq83.36%3Dq87GfEGe4EN%3Dq8N3Y%3Dqlvi8mNEek%3DjawTeXJT87GfEGe.EGQ%3Dq84NYe%3Dqlviq8.Y%3Dv83kbeTE3Y%3DvO8.TffTGEkXJE3Y%3DixOBsOuxus8.7eefbEkXJE3Y%3D8YTkT4kTYEkXJE3Y%3D8Q3T!XN3f3kb%3Dqlox8ea.%3DB8X4EkbeT%3Dv8XYNfm%3DixOBsOuxus8Xwe%3Dv8aJN3Y%3Dqlvoq8N6fG%3Dqlvvq8.73Y%3DALWVWZYMWP1HpbwTwzRBQs0!v0h8Yk4%3DTX.kE.48YwwETGew%3D6Xf.T8Yww%3D.wwEw3JGXk3arEkT.k8NYe4XeY%3Dq8YXfJ%3D.ww8.Jwk%3DfarJEkX3fEtawTeXJTE4Xk4tXff8.aNe%3D8R3Y%3DL1M*e7N*soiiouidBxsvBxds8tkwf%3Dv8.wwEXe3%3DQv83N4%3Dv8r.y%3Dx8kJ.%3DxuqRxuq%7CsqqRxuq8N.N%3Dq8N.e%3Dq8kwR%3Dxsd&rkQ=q&www=5qBffTTrGM3REemw5zVN-rGV!rCSv01AkAEWEJ3dLhPOgORm7spLGo!TwQ1)1LvCaXOdpjY230DRsNrsjj-wsw0jb41~AXXX&3!=sqq&3r06G=v&NYG0Y=iBq&N3Y=sioqBu&w46=OBuox&bY.eG=v&NXT=_RT2%2FyCyXJ8_RT2%2FyX_XJ8iTT&mXkeGT=v&mXkN3Y=*vqx&4XYawX3r=kyU*tH4f*H*jVt2ix*776YrugMtx3Aq2BCYsxbi0V45zgj5Emb5ayJ%3D%3D&befe=v&3.3Y=u&XYQ=0rQT.kaG%20pa47.&..w4GEQTG=u&eJ3Y=evvOuxBvdOixkxqxiqvqiqduB&..fY=%7B%22..3e%22%3A%22xqqv%3Aquuq%3AvYqu%3Aqqqq%3Aqqqq%3Aqqqq%3Aqqqq%3Aqqqq%22%2C%22..44%22%3A%22DV%22%2C%22...4%22%3A%22pH%22%2C%22..4kb%22%3A%22w3Xw3%22%7D&tkwf.G4=v&sflct=2765151&k46E4we=v&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 04 Jan 2024 08:56:34 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
15
expires
Thu, 04 Jan 2024 08:56:34 GMT
khaos.json
token.rubiconproject.com/ Frame DBA8 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQYZ3LUL-20-86GL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Expires
0
dpixel
cms.quantserve.com/ Frame DB4C 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELC0nkPh2ty4jtbrcOSQ2EU&google_cver=1&google_push=AXcoOmTedyLx9mkXPMq697yE77ufSA2HTmD5t43UwKnrrSUiDARJjMPC513our2ni54Swhz4W8mc35So4-2r-1JmX3a6jIf0OfMw
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f1c:a99:832c:cd3f:57:d0bc:dbb2 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DB4C
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELcs6DXG2hsGEt5HeQDY0Tg&google_cver=1&google_push=AXcoOmQhgqDoNBaTOjvKyxZXqosDj_3S1AhT-g2GOp59NE2n8LKqxrU...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1123c2eb012a05ee&is_secure=true&networkId=14000&version=1&google_gid=CAESELcs6DXG2hsGEt5HeQDY0Tg&google_cver=1&google_push=AXcoOmQhgqDo...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACWMpEdPzD0wM6l0jiAAAAAAA&expiration=1704444994&google_cver=1&is_secure=true&google_gid=CAESELcs6DXG2hsGEt5HeQDY0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACWMpEdPzD0wM6l0jiAAAAAAA&expiration=1704444994&google_cver=1&is_secure=true&google_gid=CAESELcs6DXG2hsGEt5HeQDY0Tg&google_push=AXcoOmQhgqDoNBaTOjvKyxZXqosDj_3S1AhT-g2GOp59NE2n8LKqxrUo6O8tsLfVzqB9PRXIze9drdme5I8ZoJoGQobbpsughXxBOQ
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACWMpEdPzD0wM6l0jiAAAAAAA&expiration=1704444994&google_cver=1&is_secure=true&google_gid=CAESELcs6DXG2hsGEt5HeQDY0Tg&google_push=AXcoOmQhgqDoNBaTOjvKyxZXqosDj_3S1AhT-g2GOp59NE2n8LKqxrUo6O8tsLfVzqB9PRXIze9drdme5I8ZoJoGQobbpsughXxBOQ
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame DB4C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPTlt7q2zjZCZz4SsGKcslQ&google_cver=1&google_push=AXcoOmQ7jX0vnWJQZsuLc3SfwcevLoEBKH5IKvG41LZa39vIoLZJV8z4DGnEHPBZrJWlRpHUknCM72VHgOOTaX7edJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk2ZmY1YTgtNTA5YS00YWQ3LTllN2UtNWY2ZGZjYjQyMjA1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk2ZmY1YTgtNTA5YS00YWQ3LTllN2UtNWY2ZGZjYjQyMjA1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk2ZmY1YTgtNTA5YS00YWQ3LTllN2UtNWY2ZGZjYjQyMjA1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
date
Thu, 04 Jan 2024 08:56:34 GMT
server
Kestrel
content-length
423
pixel
cm.g.doubleclick.net/ Frame DB4C
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESENHtgbTwolzOresqAl5NflY&google_cver=1&google_push=AXcoOmQDqH2BR_tK-grv00Q7pZtFC0APoe3YK-XN4Fxo1H0-SPHSm6g91GCTHIPq19AMSZAW6gxwCIpVlgHfDC2H...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xT0tFJAaShwByvKSqyjHWA&google_push=AXcoOmQDqH2BR_tK-grv00Q7pZtFC0APoe3YK-XN4Fxo1H0-SPHSm6g91GCTHIPq19AMSZAW6gxwCIpVlgHfDC2H5bFFkcr-dcUYog
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xT0tFJAaShwByvKSqyjHWA&google_push=AXcoOmQDqH2BR_tK-grv00Q7pZtFC0APoe3YK-XN4Fxo1H0-SPHSm6g91GCTHIPq19AMSZAW6gxwCIpVlgHfDC2H5bFFkcr-dcUYog
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 04 Jan 2024 08:56:34 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xT0tFJAaShwByvKSqyjHWA&google_push=AXcoOmQDqH2BR_tK-grv00Q7pZtFC0APoe3YK-XN4Fxo1H0-SPHSm6g91GCTHIPq19AMSZAW6gxwCIpVlgHfDC2H5bFFkcr-dcUYog
x-host
tde-deliveryengine-production-59dc4ccdb-92rv5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame DB4C
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESECbLfoIr6Q936n8jfNjxasM&google_cver=1&google_push=AXcoOmRB9-p4hVquhaSMODxxTF58ba6lvIOrByKZpwFkY0TtxIEuf7oMvhfnli2gC7DULPjbNj7RloG99-JkIw56iUoNSjt8LWYJcA
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=S08wOGNpbnZEZmliQTU0QnczS1daUQ%3D%3D&google_push=AXcoOmRB9-p4hVquhaSMODxxTF58ba6lvIOrByKZpwFkY0TtxIEuf7oMvhfnli2gC7DULPjbNj7RloG99-JkI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=S08wOGNpbnZEZmliQTU0QnczS1daUQ%3D%3D&google_push=AXcoOmRB9-p4hVquhaSMODxxTF58ba6lvIOrByKZpwFkY0TtxIEuf7oMvhfnli2gC7DULPjbNj7RloG99-JkIw56iUoNSjt8LWYJcA
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 04 Jan 2024 08:56:35 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=S08wOGNpbnZEZmliQTU0QnczS1daUQ%3D%3D&google_push=AXcoOmRB9-p4hVquhaSMODxxTF58ba6lvIOrByKZpwFkY0TtxIEuf7oMvhfnli2gC7DULPjbNj7RloG99-JkIw56iUoNSjt8LWYJcA
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
245
pixel
cm.g.doubleclick.net/ Frame DB4C
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEJn7m0fzdkoPatqM6sphfyc&google_cver=1&google_push=AXcoOmSLkJvYRqpEVfMY6rHvLaxVytJDIuoLw2LcCat13gs4tuyeCSiEDIKeJ-Ub9fNy8zI86EMNndDx-1WYyLm7mB6EEKAXAa23oWA
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSLkJvYRqpEVfMY6rHvLaxVytJDIuoLw2LcCat13gs4...
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-add1v_2kFmrLuV1IWzXia1m5QxUk_xpL3XjjokqSew&google_push=AXcoOmSLkJvYRqpEVfMY6rHvLaxVytJDIuoLw2LcCat13gs4tuyeCSiEDIKeJ-Ub9fNy8zI86EMNndDx-1WYyLm7mB6E...
  • https://cm.g.doubleclick.net/pixel?google_hm=OAE2LYx1QgNAGbPXJfHy&google_push=AXcoOmSLkJvYRqpEVfMY6rHvLaxVytJDIuoLw2LcCat13gs4tuyeCSiEDIKeJ-Ub9fNy8zI86EMNndDx-1WYyLm7mB6EEKAXAa23oWA&google_nid=inmo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=OAE2LYx1QgNAGbPXJfHy&google_push=AXcoOmSLkJvYRqpEVfMY6rHvLaxVytJDIuoLw2LcCat13gs4tuyeCSiEDIKeJ-Ub9fNy8zI86EMNndDx-1WYyLm7mB6EEKAXAa23oWA&google_nid=inmobi_new_eb
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=OAE2LYx1QgNAGbPXJfHy&google_push=AXcoOmSLkJvYRqpEVfMY6rHvLaxVytJDIuoLw2LcCat13gs4tuyeCSiEDIKeJ-Ub9fNy8zI86EMNndDx-1WYyLm7mB6EEKAXAa23oWA&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
228
x-xss-protection
0
/
onetag-sys.com/match/ Frame DB4C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPtqT3SJt5tr_qMK1v9WeH8&google_cver=1&google_push=AXcoOmTPWwX4aKZJ-11xpVSt9DEgk60ZGsVNEnrbpF1WapuqA40AUfwwsxbGUqwNPiSrtElQLQqymICqlzy...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTPWwX4aKZJ-11xpVSt9DEgk60ZGsVNEnrbpF1WapuqA40AUfwwsxbGUqwNPiSrtElQLQqymICqlzyD79O4L_J41llHXso08w
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DB4C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IEEzXdY48p_y-9JkfAQGbrbw3r-IjBTIHOMJb5pdCMZj4oh6V14683PwImGVJINYn0slwAt5A
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
AGSKWxXW_wmn8psJsuGgQbRYUgyeWKJ942YfLXQI50J3CN_3RqS7slk4mwfZj2_hth0c5PpaaDxxi7o1x9xSjxQ8OZRBgPPRbHDEJcBfT268rGQ3D8vdebl8YfPzI039o0Ym3eIeXB8bbQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXW_wmn8psJsuGgQbRYUgyeWKJ942YfLXQI50J3CN_3RqS7slk4mwfZj2_hth0c5PpaaDxxi7o1x9xSjxQ8OZRBgPPRbHDEJcBfT268rGQ3D8vdebl8YfPzI039o0Ym3eIeXB8bbQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/am=wA/d=1/rs=AJlcJMyiHPCAyLFmNsmEoAFl7FGwL5Wu8Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i9X9q5YTplC0aULwPrXlug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-i9X9q5YTplC0aULwPrXlug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXW_wmn8psJsuGgQbRYUgyeWKJ942YfLXQI50J3CN_3RqS7slk4mwfZj2_hth0c5PpaaDxxi7o1x9xSjxQ8OZRBgPPRbHDEJcBfT268rGQ3D8vdebl8YfPzI039o0Ym3eIeXB8bbQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXW_wmn8psJsuGgQbRYUgyeWKJ942YfLXQI50J3CN_3RqS7slk4mwfZj2_hth0c5PpaaDxxi7o1x9xSjxQ8OZRBgPPRbHDEJcBfT268rGQ3D8vdebl8YfPzI039o0Ym3eIeXB8bbQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/am=wA/d=1/rs=AJlcJMyiHPCAyLFmNsmEoAFl7FGwL5Wu8Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-D6QiZKFJP-1dntBCV0Jf6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-D6QiZKFJP-1dntBCV0Jf6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXP-5_2ycOSc5csuS8GuVYo5Unmw7VdO2dENd6VEsE0vT7ozFIv3aHKjZyP1wZzlt47erXKzEq2J3NSu9t6FzyrhFBr3WMpjN8j3ASuI2vL-AsWPa_EH6YVqYQ63gHQFc8XJRIlww==
fundingchoicesmessages.google.com/f/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXP-5_2ycOSc5csuS8GuVYo5Unmw7VdO2dENd6VEsE0vT7ozFIv3aHKjZyP1wZzlt47erXKzEq2J3NSu9t6FzyrhFBr3WMpjN8j3ASuI2vL-AsWPa_EH6YVqYQ63gHQFc8XJRIlww==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MzU4NTk0LDQxOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZHVwZXJiLXNob3AubmdvbnRpbmgyNC5jb20vIixudWxsLFtbOCwiZlh3ZFM4TmlJWm8iXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTgsIltbWzBdXV0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/am=wA/d=1/rs=AJlcJMyiHPCAyLFmNsmEoAFl7FGwL5Wu8Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b4ae89c749e7de33ac0bf2631c70c1ccb3a6b2812edb2d0b723c68030030eb1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pwBy_jVXWltyctXR2XF3cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pwBy_jVXWltyctXR2XF3cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8D2E
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEJBdViHQP1IWhRdUoYtZs_g&google_cver=1&google_push=AXcoOmRAvr0YQlXVEDWYJTTkofjsGpbs0S6I3kyrabnZ0JdGf_196Xt94wDG-gmLQaf8I_czlKtUpc4m3xAYAIPJvasfa0QMIoo
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=872560550554&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=872560550554&us_privacy=1---
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=872560550554&us_privacy=1---
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8D2E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGgNup83ctZ5pRwbOYDyN2c&google_cver=1&google_push=AXcoOmTB2WpcQgG9BxkiZm2UioaB6Fz916DnLT803I0kGsIpxBcIEF3KW4HJy4hEPjPOoPPaGDkVNhtDK1gAD...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTB2WpcQgG9BxkiZm2UioaB6Fz916DnLT803I0kGsIpxBcIEF3KW4HJy4hEPjPOoPPaGDkVNhtDK1gADRDDU2i1IAW2WXQ&google_hm=b2FQTTBzSk8yZWlHQlpHW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTB2WpcQgG9BxkiZm2UioaB6Fz916DnLT803I0kGsIpxBcIEF3KW4HJy4hEPjPOoPPaGDkVNhtDK1gADRDDU2i1IAW2WXQ&google_hm=b2FQTTBzSk8yZWlHQlpHWGJGYjY=
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:34 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTB2WpcQgG9BxkiZm2UioaB6Fz916DnLT803I0kGsIpxBcIEF3KW4HJy4hEPjPOoPPaGDkVNhtDK1gADRDDU2i1IAW2WXQ&google_hm=b2FQTTBzSk8yZWlHQlpHWGJGYjY=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8D2E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECVcqfzGHQDUSnHoXQ3PRZg&google_cver=1&google_push=AXcoOmTD7Ch1bQF9e5rHkPj_ZMUDazfR1LBnXdmhBpMw5aY-QOdxmb8obnSxRrqTfEdGyuUqSphsBz7OzXJxL_N...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=75VtjvQJUThyUo15rWbu4SaEdkQ&google_push=AXcoOmTD7Ch1bQF9e5rHkPj_ZMUDazfR1LBnXdmhBpMw5aY-QOdxmb8obnSxRrqTfEdGyuUqSphsBz7OzXJxL_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=75VtjvQJUThyUo15rWbu4SaEdkQ&google_push=AXcoOmTD7Ch1bQF9e5rHkPj_ZMUDazfR1LBnXdmhBpMw5aY-QOdxmb8obnSxRrqTfEdGyuUqSphsBz7OzXJxL_NMGLArxgT6LrM
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=75VtjvQJUThyUo15rWbu4SaEdkQ&google_push=AXcoOmTD7Ch1bQF9e5rHkPj_ZMUDazfR1LBnXdmhBpMw5aY-QOdxmb8obnSxRrqTfEdGyuUqSphsBz7OzXJxL_NMGLArxgT6LrM
Date
Thu, 04 Jan 2024 08:56:34 GMT
Connection
keep-alive
Content-Length
241
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 8D2E
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEA3JGGcgVL7ODT-g2Orp_hc&google_cver=1&google_push=AXcoOmSrH7-owLVbjp1j7U9Y0AivvmejyysPr0HUkMjf2PWNv_t_nE3PayryKKKKjv1JXt8_vO6dMgj_lLGhQsHgtBuC1B6SZKg
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ3MDEyMzE3MzMyOTY5MDM0NzgzOA%3D%3D&google_push=AXcoOmSrH7-owLVbjp1j7U9Y0AivvmejyysPr0HUkMjf2PWNv_t_nE3P...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ3MDEyMzE3MzMyOTY5MDM0NzgzOA%3D%3D&google_push=AXcoOmSrH7-owLVbjp1j7U9Y0AivvmejyysPr0HUkMjf2PWNv_t_nE3PayryKKKKjv1JXt8_vO6dMgj_lLGhQsHgtBuC1B6SZKg
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQ3MDEyMzE3MzMyOTY5MDM0NzgzOA%3D%3D&google_push=AXcoOmSrH7-owLVbjp1j7U9Y0AivvmejyysPr0HUkMjf2PWNv_t_nE3PayryKKKKjv1JXt8_vO6dMgj_lLGhQsHgtBuC1B6SZKg
date
Thu, 04 Jan 2024 08:56:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 8D2E
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESELaMriF4LrgPDvF-Jr2VrWw&google_cver=1&google_push=AXcoOmQNC1H2zkpZRdwMflFJEcaGcg1D77yXpQBAi936Bt8wev6d21LfhU2FEayNBBwyqOVKoiVF94vTkj_VP2fFDNq3SseV8XY
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ3MzYwMTkzMTUyMzY4ODAwMFYxMA%3d%3d&mn_hm=MzQ3MzYwMTkzMTUyMzY4ODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQNC1H2zkpZRdwMflFJEcaGcg1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ3MzYwMTkzMTUyMzY4ODAwMFYxMA%3d%3d&mn_hm=MzQ3MzYwMTkzMTUyMzY4ODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQNC1H2zkpZRdwMflFJEcaGcg1D77yXpQBAi936Bt8wev6d21LfhU2FEayNBBwyqOVKoiVF94vTkj_VP2fFDNq3SseV8XY&gdpr=&gdpr_consent=
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ3MzYwMTkzMTUyMzY4ODAwMFYxMA%3d%3d&mn_hm=MzQ3MzYwMTkzMTUyMzY4ODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQNC1H2zkpZRdwMflFJEcaGcg1D77yXpQBAi936Bt8wev6d21LfhU2FEayNBBwyqOVKoiVF94vTkj_VP2fFDNq3SseV8XY&gdpr=&gdpr_consent=
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Thu, 04 Jan 2024 08:56:34 GMT
pixel
cm.g.doubleclick.net/ Frame 8D2E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJ24MyA-3HVYXWdv1SrtBoQ&google_cver=1&google_push=AXcoOmREJinVo9t8u6sA0cvREzePov2j5B5PDITTdwqDvzRaDveYnGwjnadQhV3VEJDXoGjYUPAoq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmREJinVo9t8u6sA0cvREzePov2j5B5PDITTdwqDvzRaDveYnGwjnadQhV3VEJDXoGjYUPAoq_IdeVe_TbndJ-pBHK-2KQ&google_hm=MzAxMTI5NjI1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmREJinVo9t8u6sA0cvREzePov2j5B5PDITTdwqDvzRaDveYnGwjnadQhV3VEJDXoGjYUPAoq_IdeVe_TbndJ-pBHK-2KQ&google_hm=MzAxMTI5NjI1MDAyNDQ5OTI2Mw%3D%3D
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmREJinVo9t8u6sA0cvREzePov2j5B5PDITTdwqDvzRaDveYnGwjnadQhV3VEJDXoGjYUPAoq_IdeVe_TbndJ-pBHK-2KQ&google_hm=MzAxMTI5NjI1MDAyNDQ5OTI2Mw%3D%3D
date
Thu, 04 Jan 2024 08:56:33 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8D2E
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEPutp2UJtgZH87lReaNp0Nk&google_cver=1&google_push=AXcoOmRHABgcskK-xaPjFiowMXd6XGvP79NS7FVSr2_PdauSSj4sGzNL1i_wXegUK2Z0ByP_O7QWRDbj11Um3UG2cq-SyIHHFCvj
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRHABgcskK-xaPjFiowMXd6XGvP79NS7FVSr2_PdauS...
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-add1v_2kFmrLuV1IWzXia1m5QxUk_xpL3XjjokqSew&google_push=AXcoOmRHABgcskK-xaPjFiowMXd6XGvP79NS7FVSr2_PdauSSj4sGzNL1i_wXegUK2Z0ByP_O7QWRDbj11Um3UG2cq-S...
  • https://cm.g.doubleclick.net/pixel?google_hm=OAE2LYx1QgNAGbPXJfHy&google_push=AXcoOmRHABgcskK-xaPjFiowMXd6XGvP79NS7FVSr2_PdauSSj4sGzNL1i_wXegUK2Z0ByP_O7QWRDbj11Um3UG2cq-SyIHHFCvj&google_nid=inmobi_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=OAE2LYx1QgNAGbPXJfHy&google_push=AXcoOmRHABgcskK-xaPjFiowMXd6XGvP79NS7FVSr2_PdauSSj4sGzNL1i_wXegUK2Z0ByP_O7QWRDbj11Um3UG2cq-SyIHHFCvj&google_nid=inmobi_new_eb
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=OAE2LYx1QgNAGbPXJfHy&google_push=AXcoOmRHABgcskK-xaPjFiowMXd6XGvP79NS7FVSr2_PdauSSj4sGzNL1i_wXegUK2Z0ByP_O7QWRDbj11Um3UG2cq-SyIHHFCvj&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
225
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 8D2E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ij-Eu-xejbwMIORpTtBgbmQ8jFgmOgLp6MeytBPh8QKm9tPmU0gYfho0k0J6jhm2TltRHJbw
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame D4B8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CbN2nwHKWZf-YDNTLjvQPxK6R2A-jprHLbIXIn6mtEMCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBIoCT9BPNfzPGL7LFcSlARmpivVTpkNTb3aWlzy-aZmZlWDRJHJbwNQlul5qwRJQdxeCxGaRE3yhrCzoXjXCcm368fYjRMbj8jkEMlJqJV0zTy57Be-jO6YrLmXKHNnsWLEcvzlOWeEXsg03j1iNPLlbdVj5A97kyK1bHv2RQJUYS0zPU7EWjRbYkyjZs_yVYWvQIvsfqtoi7XFSxVg1KkMWJKs_lwbRBrF6_rXpQ7vG160eVw3KUGSzVhGipYech-6vQSzSLh4PfHB-h9lDXAOafjU2wtaZNSoWfTWI7VTrNqBPZT_0tEolg80h703SIGEHe1kncaSqJtOxPm1xtN6eRTUsVfaB8frbySvgBAGABoXknev655H46AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY17HTw67DgwOACgP6CwIIAYAMAeINEwiu4tPDrsODAxXUpYMIHURXBPvQFQGAFwGyFxwKGhIUcHViLTM5NDQ5NTQ4NjIzMTYyODMYmNsQ&sigh=ZBX_zm2_bw0&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_HKmtHwrmXDRSBsMgQWKaTL2LAdFuLNNf3vL_lt9gMr2JPBRjCZ_jLVWKkZO_LxAGaY-PE1J7CRgB&cbvp=2&vis=1
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
winnotice
trace.mediago.io/api/log/ Frame D4B8 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace.mediago.io/api/log/winnotice?tn=41b6e88a2b85b0e731ef8e73e5558712&winloss=2&id=5eb06ba9fbbfa86b57bce57aaa761ee7&seat_id=${AUCTION_SEAT_ID}&currency=${AUCTION_CURRENCY}&bid_id=${AUCTION_BID_ID}&ad_id=${AUCTION_AD_ID}&loss=${AUCTION_LOSS}&imp_id=1&price=${AUCTION_PRICE}&test=0&time=1704358592&dp=qrsraOZhpoqCRbN3fzqXOB9A2VsZ3BudhAp52AmN340&dsp_id=22&data=QlnUy7W-Ghf387wi70MYgkI79M1R5Y8umCfCTcKWnQtbOMpYAJd7m9xPfsLY6VwqFOiVrfxzqrHBCVtkdcVjqUhmJkfR0sVsYkBIJ0SeH6veK-lHWja9zJJCdRxmZ2329qXZCNknDQFuCUP6kArOpPNnG8hBDjxl_tDK38aOLEKMNaxtTNyrBjMeSqWHRd51KygLq6X8zF_peKLYLB2jUzm24bJamV9S8v_C9R-Y2Zzgjc2kHnJ0wjSEL-xEehVtL_XBIhfjgAGfKPieXtOk0KewF-Q6mw5sPI4ARFZVRRtxbZRwXCEu2nkouUeP7vtAFW9oeb9F9sTvow6BPh_xo3zRcHtjMMhCmWVxuoXhSeChn0ylBoxjs1u2HBVlMbPuUKrm0ebRuclwEIFNsFenlIdDJIghEfMYsptr-1CIMjHrDAYLJwY-BhBwtY-7ltzh0J8U5BchNVtz5KSAEtvZV9sypx-L8UXOo5EPJZU5G_yI7fub9M5rVL4i3TpW_kn5wwtILUW95srcKvOd-PVYJOk5lk0mWVjO4cpTNLFmAdj1wghjYyNsusdnKkPP1zV3naIVnczd_Z8zFe97oPuiQU81jXiRlQTUsZ8KzAP4fNEPZeVVORuw3BI3L_4kBLdD1bE61mG2TmvjWeTKPeseSvxGBH9qccSPv2147atk4sI&trackingid=04c2a8ced62f97e287b6c2780da42533&sp=qrsraOZhpoqCRbN3fzqXOB9A2VsZ3BudhAp52AmN340&cbvp=2
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
container.html
168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9FC8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 08:56:32 GMT
expires
Fri, 03 Jan 2025 08:56:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 54DF 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 16:40:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
58538
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 04 Jan 2024 16:40:56 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 54DF 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 12:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
73108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 04 Jan 2024 12:38:06 GMT
516d85f1a3fc778d26bcf79692ddf242.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/ Frame 54DF 		136 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/516d85f1a3fc778d26bcf79692ddf242.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f7e50bd764fa1ec6652bc51c7e64a5ed5afb52a6b41d7b95704e593ab423f58
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jan 2024 05:00:47 GMT
age
14147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39879
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
adview
securepubads.g.doubleclick.net/pagead/ Frame 1F44 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxoPGwHKWZfiuDqvljvQP2aCRgA212dKJdZD0lKPBEquF1bKQDhABINjV2CtgyYaAgNyjxBCgAavn48EDyAEC4AIAqAMByAMIqgSSAk_QjCdztBqMhXE6pMPo_fRMuvHhelVsiwVoljgStetTvxPBwMS6MZ-iAY8vUjd_GWcmWNBdIQ2cGH46S9-fPWjQESQEnhVrFLQQR_j7BbSGDOL-8d8KzUShKSpVV0TY6Z-_cUzmlLCkr9dzRpc66blxGSIttaz04hqnQwl6_rryhFMsX_oOfhj4UfgW42UsZWD91vC0NujWnVEQriJbWxnw1vT_jTHWs4U1O0x6u4H-gmLJ0UN-Kh1QNz7K-POfFWz3gc1-SsBPgNegM_kICAxhaHFeRvaAjlbej3xjnv2ZB0cnd97R5c-Rac-sk-RAyZQIddo13UHJP-Zcxi6sg3Ndkw3LcGZzsB8qI2DsiJbAxu_ABM2U9LTIBOAEAYgFraav702gBgKAB72YnD6oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCb4gjSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WOjP1cOuw4MDmgnVAWh0dHBzOi8vd3d3LnB1YmxpeC5jb20vZC9hbGwtY2F0ZWdvcmllcy9jOTA3NDg2OS03OTVlLTRlMzUtODRjMS01NTBiMTA0ZTg2MTg_ZmFjZXQ9cHJvbW9UeXBlJTNBJTNBdHJ1ZSUyRiUyRmZhY2V0TmF0aW9uYWxCcmFuZHMlM0ElM0FOZWxsaWVzJnV0bV9tZWRpdW09c2hvcHBlcm1hcmtldGluZyZ1dG1fc291cmNlPW5lbGxpZXMmdXRtX2NvbnRlbnQ9dGhlbWVkcHJvZ3JhbYAKA8gLAdoMEAoKENDBo6-HxM2NOxICAQPiDRMI4vrVw67DgwMVq7KDCB1ZUATQ2BMD0BUBmBYBgBcBshceChwIABIUcHViLTk1MTcxODUxMDYyODM2ODIYmNsQ&sigh=hJevLb2Pbqc&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPAAvHhf_wmFtGdIPKn4g_BUU2Knb-dGENWFJTrzdQK8qKFAQnJdTdGZVRuKKLhoCA8I07MMRBTbUoIXa8BgB&cbvp=2
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame A3E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjZ_ewHKWZc6JGIOojvQPrqmuuA7z3d2IdcLQwe3CEquF1bKQDhABINjV2CtgyYaAgNyjxBCgAavn48EDyAEC4AIAqAMByAMIqgSSAk_Qxg_RDEB7mPOZ8OKm_SzM0IhtS9PPFAS_f0_KwAKlGnWR1VlAT32R6wOMITqnKEeQsgmJWmfTaaqL7M7JdYPDxQ-BIoKCWrBTuxx_9R0kc2pJSMHytSk-T6eQiHVPPtK-AfZ8840lIjrBhDbraMsCBQ2O0Kv0MLuQgErR9ecR9i-2CV-kuJRf_e5qtaPKEz9pGGt5xq6-CGdWxTKKJ_1qA_S09NRoVvidQxoSuHMQ2yFX3q1x1FyReV--GIHKGICi927_uwyJE7TWy4DEiTgdLwivw-tsPyERnZep8h-v5603G7WiUlXzoR2u-ymGL46tMUyryvxMlVimtjKwYpmMvcJie3jkx3wAurT9mbWmqT_ABPWU9LTIBOAEAYgFsKav702gBgKAB72YnD6oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC45gnSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WJy_38Ouw4MDmgnPAWh0dHBzOi8vd3d3LnB1YmxpeC5jb20vZC9hbGwtY2F0ZWdvcmllcy9jOTA3NDg2OS03OTVlLTRlMzUtODRjMS01NTBiMTA0ZTg2MTg_ZmFjZXQ9cHJvbW9UeXBlJTNBJTNBdHJ1ZSUyRiUyRmZhY2V0TmF0aW9uYWxCcmFuZHMlM0ElM0FGYWdlJnV0bV9tZWRpdW09c2hvcHBlcm1hcmtldGluZyZ1dG1fc291cmNlPWZhZ2UmdXRtX2NvbnRlbnQ9dGhlbWVkcHJvZ3JhbYAKA8gLAaIMCCoGCgS7u7EC2gwQCgoQ0LGzwMLwo6gUEgIBA-INEwjI6N_DrsODAxUDlIMIHa6UC-fYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItOTUxNzE4NTEwNjI4MzY4MhiY2xA&sigh=r5v4plZHyHM&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPAAvHhf_taA2s2lYW1J-9NyJ8NiVdcEDEdO-TxgfuONQ3I56wNLKV_1nPlwCh0Gtm3J4BuCg1Luw0L54eRgB&cbvp=2
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 2B5D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFf9-rI5jgDMCtAchODAU7U&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFf9-rI5jgDMCtAchODAU7U&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXdiRXhHRXcxUmxqd0s1&google_gid=CAESEFf9-rI5jgDMCtAchODAU7U&google_cver=1&google_push=AXcoOmRQQERCrjFujxJ6byhOWl8ukBveWxXmyM2pOFSOio6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXdiRXhHRXcxUmxqd0s1&google_gid=CAESEFf9-rI5jgDMCtAchODAU7U&google_cver=1&google_push=AXcoOmRQQERCrjFujxJ6byhOWl8ukBveWxXmyM2pOFSOio6P_DKSNdWRSH5hReN_dcoMYwZKXf6E_UwZ05wXtyvJeEYEhRA56cXH
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:34 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0b2538fc440df48c9@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXdiRXhHRXcxUmxqd0s1&google_gid=CAESEFf9-rI5jgDMCtAchODAU7U&google_cver=1&google_push=AXcoOmRQQERCrjFujxJ6byhOWl8ukBveWxXmyM2pOFSOio6P_DKSNdWRSH5hReN_dcoMYwZKXf6E_UwZ05wXtyvJeEYEhRA56cXH
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2B5D
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEGuSIu12NR8RuTHhZ4EVj-0&google_cver=1&google_push=AXcoOmTlRDWV2yHKg6rMn8Zr83n8a-h2DKs7rj0Zr4xDrbzpUF54FSLv_R01Ym8-K-uYzK6o7qJLE8jLLKDy6TIRrguo-65BbZLY
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTlRDWV2yHKg6rMn8Zr83n8a-h2DKs7rj0Zr4xDrbzpUF54FSLv_R01Ym8-K-uYzK6o7qJLE8jLLKDy6TIRrguo-65BbZLY&google_hm=UjMzNjQ1XzEwRUMw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTlRDWV2yHKg6rMn8Zr83n8a-h2DKs7rj0Zr4xDrbzpUF54FSLv_R01Ym8-K-uYzK6o7qJLE8jLLKDy6TIRrguo-65BbZLY&google_hm=UjMzNjQ1XzEwRUMwQzBGM19DRDAxMTk5NQ%3D%3D
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTlRDWV2yHKg6rMn8Zr83n8a-h2DKs7rj0Zr4xDrbzpUF54FSLv_R01Ym8-K-uYzK6o7qJLE8jLLKDy6TIRrguo-65BbZLY&google_hm=UjMzNjQ1XzEwRUMwQzBGM19DRDAxMTk5NQ%3D%3D
Date
Thu, 04 Jan 2024 08:56:33 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-387363394; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
346
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 2B5D
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEFJKGkl-0YhP7cvLuwOPt3g&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTQ0NGY2MzEtMjE3ZC00ZDkyLWE2NjItMGI3OTFkYzJiYmJh&google_gid=CAESEFJKGkl-0YhP7cvLuwOPt3g&google_cver=1&google_push=AXcoOmSZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTQ0NGY2MzEtMjE3ZC00ZDkyLWE2NjItMGI3OTFkYzJiYmJh&google_gid=CAESEFJKGkl-0YhP7cvLuwOPt3g&google_cver=1&google_push=AXcoOmSZrrKNrU4_j0RsyGsEARmUUO6zZP5C368MD8jwDbICopOB6l7CubregJUyUsQA79N1WLLy73b0n1--CyrF2ms-z6XWRQ_g
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTQ0NGY2MzEtMjE3ZC00ZDkyLWE2NjItMGI3OTFkYzJiYmJh&google_gid=CAESEFJKGkl-0YhP7cvLuwOPt3g&google_cver=1&google_push=AXcoOmSZrrKNrU4_j0RsyGsEARmUUO6zZP5C368MD8jwDbICopOB6l7CubregJUyUsQA79N1WLLy73b0n1--CyrF2ms-z6XWRQ_g
date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2B5D
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEEpD1rNKry4-UdH3Jgp4Zgs&google_cver=1&google_push=AXcoOmRTDK9v_2eGSkTjJWZCp5VK2TBg-pbHo4vE2LSZOrsijFo80HBxYDzNd-iNLsfMqWtx68wKF1z4Vc9glJSqQbwAak3yJTn5
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=872560550568&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=872560550568&us_privacy=1---
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=872560550568&us_privacy=1---
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 2B5D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDn3dGiN58ksejjXjUafn7Y&google_cver=1&google_push=AXcoOmSswvVDHOR6RAJQ-FZMl9eVNA333JmA_n0MmXim2wn8RabjVXO4AdfUa14haIBjzJG5dfBMhIsKa007k-RQ1-Xt...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSswvVDHOR6RAJQ-FZMl9eVNA333JmA_n0MmXim2wn8RabjVXO4AdfUa14haIBjzJG5dfBMhIsKa007k-RQ1-XtG8h7pxpH&google_hm=l8b1os1UQwOPhrlz96TkbA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSswvVDHOR6RAJQ-FZMl9eVNA333JmA_n0MmXim2wn8RabjVXO4AdfUa14haIBjzJG5dfBMhIsKa007k-RQ1-XtG8h7pxpH&google_hm=l8b1os1UQwOPhrlz96TkbA==
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSswvVDHOR6RAJQ-FZMl9eVNA333JmA_n0MmXim2wn8RabjVXO4AdfUa14haIBjzJG5dfBMhIsKa007k-RQ1-XtG8h7pxpH&google_hm=l8b1os1UQwOPhrlz96TkbA==
Date
Thu, 04 Jan 2024 08:56:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/match/ Frame 2B5D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOjc0Gd4HATtkYWsHNmTZu0&google_cver=1&google_push=AXcoOmTfxB8ctEHLs-zl_fdTUgqvCiWudfEAvo4GA20Y6OCkfByuq423Da8mHUNVVhVX9_oIiMgZAoJhoIR...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTfxB8ctEHLs-zl_fdTUgqvCiWudfEAvo4GA20Y6OCkfByuq423Da8mHUNVVhVX9_oIiMgZAoJhoIRuz-if7UVGU_xpHCuSkA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2B5D
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAjI_HhNARvh8QQMtJgOBuU&google_cver=1&google_push=AXcoOmT19tDRvEQ6cmfmqfeClbNI8lCPtPijmqsYyj5mW-6AgsZzHLWSa4yzeVgYt4V...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmT19tDRvEQ6cmfmqfeClbNI8lCPtPijmqsYyj5mW-6AgsZzHLWSa4yzeVgYt4V2xibcaZGTDr_UcpSc3YowSEhIayaOY6PnUg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmT19tDRvEQ6cmfmqfeClbNI8lCPtPijmqsYyj5mW-6AgsZzHLWSa4yzeVgYt4V2xibcaZGTDr_UcpSc3YowSEhIayaOY6PnUg
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
1462c23
date
Thu, 04 Jan 2024 08:56:34 GMT
x-bytefaas-request-id
2024010408563462BCBC2D497E2221718F
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24010408563462BCBC2D497E2221718F-4537D4CD49555E59-00
x-cache
TCP_MISS from a23-209-100-87.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=8
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024010408563462BCBC2D497E2221718F
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmT19tDRvEQ6cmfmqfeClbNI8lCPtPijmqsYyj5mW-6AgsZzHLWSa4yzeVgYt4V2xibcaZGTDr_UcpSc3YowSEhIayaOY6PnUg
x-bytefaas-execution-duration
3.88
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
011dfe39ca07daf9d8ccc7c719765f296be0a4d89b29e24040d815443dca8723ec84fa8779b8da2cb71914b4fd2040f98e71d2d3b727f29a66d4ca6b19784dcdff9684db3f4991fca05f17c19830d9ea36c570a7a52d6a4c2f26dc097726846af1
x-origin-response-time
8,23.209.100.87
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Thu, 04 Jan 2024 08:56:34 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2B5D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IlKFNZyRd3vcGdQf3TS24FkX3kAoykIKvGM8Ec020RJDivgFLebxGLfBcC9Pdv0MsgBzCTVtE
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 6831
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJDHqkY6ct2lgTibQgHrS40&google_cver=1&google_push=AXcoOmTbbbcVAYFO1rKwK6IwK3Z4TUwl3FSasL9s6B6X8FtV9iom_fI...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=95860097b10076b&is_secure=true&networkId=14000&version=1&google_gid=CAESEJDHqkY6ct2lgTibQgHrS40&google_cver=1&google_push=AXcoOmTbbbcVA...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACWMpEdPzD1gMpeurtAAAAAAA&expiration=1704444994&google_cver=1&is_secure=true&google_gid=CAESEJDHqkY6ct2lgTibQgHrS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACWMpEdPzD1gMpeurtAAAAAAA&expiration=1704444994&google_cver=1&is_secure=true&google_gid=CAESEJDHqkY6ct2lgTibQgHrS40&google_push=AXcoOmTbbbcVAYFO1rKwK6IwK3Z4TUwl3FSasL9s6B6X8FtV9iom_fILfXRBLhFdQIQAsWP4t0bcMfZDiodf8jW8etCRF6winnT2
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACWMpEdPzD1gMpeurtAAAAAAA&expiration=1704444994&google_cver=1&is_secure=true&google_gid=CAESEJDHqkY6ct2lgTibQgHrS40&google_push=AXcoOmTbbbcVAYFO1rKwK6IwK3Z4TUwl3FSasL9s6B6X8FtV9iom_fILfXRBLhFdQIQAsWP4t0bcMfZDiodf8jW8etCRF6winnT2
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 6831
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPTXCnQxFGsSlDilIfwqPIs&google_cver=1&google_push=AXcoOmSTOjqyr7wkQH5QKy5QJDzz-HtlrYY42CVK7xH93TrsFUpj2sNxCAHVTazTkwlK-tb4ZzCAMIASdyw3-8jNnx...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk2ZmY1YTgtNTA5YS00YWQ3LTllN2UtNWY2ZGZjYjQyMjA1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk2ZmY1YTgtNTA5YS00YWQ3LTllN2UtNWY2ZGZjYjQyMjA1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk2ZmY1YTgtNTA5YS00YWQ3LTllN2UtNWY2ZGZjYjQyMjA1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
date
Thu, 04 Jan 2024 08:56:34 GMT
server
Kestrel
content-length
423
pixel
cm.g.doubleclick.net/ Frame 6831
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDuxXyacchcN2GETWN98qs0&google_cver=1&google_push=AXcoOmQOpNK0ORTzIHBwwCI4dRsMeyRPJzhcIlIOvW8Re21nNgqkI19Orrh0PQH8r_gB2yjaC_XeNIAltYenR...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQOpNK0ORTzIHBwwCI4dRsMeyRPJzhcIlIOvW8Re21nNgqkI19Orrh0PQH8r_gB2yjaC_XeNIAltYenRolanewgGcbhyZI&google_hm=b2FQTTBzSk8yZWlHQlpHW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQOpNK0ORTzIHBwwCI4dRsMeyRPJzhcIlIOvW8Re21nNgqkI19Orrh0PQH8r_gB2yjaC_XeNIAltYenRolanewgGcbhyZI&google_hm=b2FQTTBzSk8yZWlHQlpHWGJGYjY=
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:34 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQOpNK0ORTzIHBwwCI4dRsMeyRPJzhcIlIOvW8Re21nNgqkI19Orrh0PQH8r_gB2yjaC_XeNIAltYenRolanewgGcbhyZI&google_hm=b2FQTTBzSk8yZWlHQlpHWGJGYjY=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/ Frame 6831
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELpkxdqtL2vV2z-4DJJjhnA&google_cver=1&google_push=AXcoOmTWtRsVjKiCnySKEiM-zGJY8VYnfpPedSn9FdPqF6VlD6nKAiMyT2Y0aWxYlg7lPDO9E3dKeIMI2u9foy3q...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=331d97c4aa&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://b1sync.zemanta.com/usersync/smaato/?cb=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001748%26dspCookie%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D,&gdpr=0&gdpr_consent=,
  • https://s.ad.smaato.net/c/?dspId=1001748&dspCookie=&gdpr=0&gdpr_consent=,&gdpr=0&gdpr_consent=,
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=331d97c4aa&gdpr=0&gdpr_consent=,,,
0
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=331d97c4aa&gdpr=0&gdpr_consent=,,,
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60972

Redirect headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 19d1514f5f81da4dca6349d0f75a352c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
location
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=331d97c4aa&gdpr=0&gdpr_consent=,,,
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
rkvtDbWjC0SQ_e8pbsMy9EBUL3wQTHb2b-j1bnl2OcKeDQrqfps-Mw==
report
sync.teads.tv/um/ Frame 6831
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBsS10rf4nBX...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NzFkZjEyOTgtNzQzZi00ZTU0LWJiMjctNzM1NmE2YmI4ZDZj&google_push=AXcoOmTRCBvA_wtgUgQEArcEgh0p64PkF00QIBW7cQfu7FGVIoh_n7QycXJRibO_WtDTi...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
23.50.125.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-47.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 08:56:34 GMT
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6831
Redirect Chain
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESENNJHrvSxYVO9eCeKAd3p5I&google_cver=1&google_push=AXcoOmRdNew5bPA63uIqRSPuMlF9Bp79DHJMESzdUD6iX0K207MKr-kMdRm01PRSErNwl1d_KA03tDbuK_km9WmH9XylX...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRdNew5bPA63uIqRSPuMlF9Bp79DHJMESzdUD6iX0K207MKr-kMdRm01PRSErNwl1d_KA03tDbuK_km9WmH9XylXT7a8C2Rsw&google_hm=746ded221a01...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRdNew5bPA63uIqRSPuMlF9Bp79DHJMESzdUD6iX0K207MKr-kMdRm01PRSErNwl1d_KA03tDbuK_km9WmH9XylXT7a8C2Rsw&google_hm=746ded221a01ed952t9qag00lqyz3mox
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 04 Jan 2024 08:56:34 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRdNew5bPA63uIqRSPuMlF9Bp79DHJMESzdUD6iX0K207MKr-kMdRm01PRSErNwl1d_KA03tDbuK_km9WmH9XylXT7a8C2Rsw&google_hm=746ded221a01ed952t9qag00lqyz3mox
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 6831
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEL7fxo3HPJiTeG7l9Y8k-v8&google_cver=1&google_push=AXcoOmS81eq29IKDF...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjM2OTc5ODUwNjkzNzA4NzY1&google_gid=CAESEL7fxo3HPJiTeG7l9Y8k-v8&google_cver=1&google_push=AXcoOmS81eq29IKDF6Q4Fms2beb15dDDQD1pv1Kbxg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjM2OTc5ODUwNjkzNzA4NzY1&google_gid=CAESEL7fxo3HPJiTeG7l9Y8k-v8&google_cver=1&google_push=AXcoOmS81eq29IKDF6Q4Fms2beb15dDDQD1pv1Kbxg6KBXbWd0_jDxiWxGpxtOu3IhXIbSaflzlHmiMQI21O4rK8fJ104pNSBkGhaA
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
an-x-request-uuid
6db9cf88-4d1c-473d-bab1-1f72dd754ad2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjM2OTc5ODUwNjkzNzA4NzY1&google_gid=CAESEL7fxo3HPJiTeG7l9Y8k-v8&google_cver=1&google_push=AXcoOmS81eq29IKDF6Q4Fms2beb15dDDQD1pv1Kbxg6KBXbWd0_jDxiWxGpxtOu3IhXIbSaflzlHmiMQI21O4rK8fJ104pNSBkGhaA
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6831 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IwlRENNbT5knQkQvHdMleSHCFEBMjjyZSkfruGLD9vyjGdCf0ZYpVzbg5YNVObupKzaHtWAwN6
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
manage
router.infolinks.com/usync/ Frame E02A 		13 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1914.009-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bf4408e56916ed3de748d7bfd02355bc90f91d560507504abf6c6605f499163

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
840244dff81e5c64-MIA
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 04 Jan 2024 08:56:34 GMT
p3p
CP="NON DSP NID OUR COR"
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/ 		282 B
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1914.009-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42bbd210c90ea80c9268bff5dec93d971edb7e1a3623c68f4cfed79447e9183

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript;charset=ISO-8859-1
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
840244dff8205c64-MIA
gsd
router.infolinks.com/ 		327 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3245929&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&jsv=1914.009-3.034&_cb=17043585945380
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1914.009-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9c8f1cd9db165f31e10ae9e6871cf1c95251abf4d06b75e963ac134ce27b0b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/javascript;charset=UTF-8
p3p
CP="NON DSP NID OUR COR"
cache-control
max-age=0
cf-ray
840244dff8215c64-MIA
expires
Thu, 01 Jan 1970 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 9E99 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
TYPBY45R403A282G80K0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 7244
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFLN3BVN0xMT1lBQUJaN1VheVJpdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAK7pU7LLOYAABZ7UayRiw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3011296250024499263&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAK7pU7LLOYAABZ7UayRiw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3011296250024499263%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3011296250024499263&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=A...
  • https://sync.technoratimedia.com/services?uid=AAK7pU7LLOYAABZ7UayRiw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3011296250024499263%26gdpr%3D0%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3011296250024499263&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAK7pU7LLOYAABZ7UayRiw&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.69.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-69-99.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT

Redirect headers

content-length
95
content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 08:56:35 GMT
location
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame AFF4 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:34 GMT
Expires
0
Pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4F1D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6lyTE6PaS6qleWX35KfPdQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
23.193.120.208 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-120-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=130867
accept-ranges
bytes
content-length
5622
expires
Fri, 05 Jan 2024 21:17:41 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 4F1D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&ttd_puid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&ttd_puid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&ttd_puid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%2C%2C
date
Thu, 04 Jan 2024 08:56:34 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 4F1D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 4F1D 		37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 04 Jan 2024 08:56:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 4F1D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUE1QzkzMTMtQTNEQS00QkFBLUE1NzktNjVGN0U0QTdDRjc1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 04 Jan 2024 08:56:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4F1D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED_YHbpzPl2h2AzZ4FdV8O8&google_cver=1
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED_YHbpzPl2h2AzZ4FdV8O8&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 04 Jan 2024 03:44:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED_YHbpzPl2h2AzZ4FdV8O8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4F1D
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:42D3FF6D47FB4FDCBA093AD588E3B0A1
42 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:42D3FF6D47FB4FDCBA093AD588E3B0A1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 04 Jan 2024 04:55:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:42D3FF6D47FB4FDCBA093AD588E3B0A1
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 03 Jan 2024 08:56:34 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4F1D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=
42 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 04 Jan 2024 08:56:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=
date
Thu, 04 Jan 2024 08:56:34 GMT
server
Kestrel
content-length
355
EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4F1D 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:6096:7d74:cf85:e5f3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 4F1D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_AZKbVZE2uUQaXtmw..IYSa1_xfC3J8-~A&gdpr=0
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_AZKbVZE2uUQaXtmw..IYSa1_xfC3J8-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
104.36.113.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_AZKbVZE2uUQaXtmw..IYSa1_xfC3J8-~A&gdpr=0
date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 4F1D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f&gdpr=0&gdpr_consent=
1 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 08:56:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f&gdpr=0&gdpr_consent=
Date
Thu, 04 Jan 2024 08:56:34 GMT
Connection
keep-alive
X-CI-RTID
c3c5e45c-0903-49ef-80a9-9f8e11aaa2ef
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 4F1D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7995778992001487599&gdpr=0&gdpr_consent=&us_privacy=
1 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7995778992001487599&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 08:56:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7995778992001487599&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
view
securepubads.g.doubleclick.net/pcs/ Frame 9FB8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZIWdn338YiEVPVH15xS2e1YCm5kFrc51kv9tJ4SfPcBVE92UrxuM-OlKbT_-9OU6EkvoaMtCfprjrSVUjDJcfLtGeM0Uw3WzUsAggMl91qJl0RG5VFxatlBGnyLKvx-FgT4WPJP4vt7uqF_j4O73YSFTkq86cEBJhrSPZLMGG0jJpCmspDC2YkRN2MjCv5xWRuX4ScZ0qCRZJp-9mpQwZr08hb2ceBuk6Uwulr_Z-g2iNIp3IB_V8EmC1VYAqpq04n0Jh-_F1zr9i3jd7BUbxtY2_tyMfmJzcMiMY0uCe8sYDJab6tyRKuyNYEIYht_cpVa06Rw4a0cVm1p4N9zEKEl59mkZGzPdSNoCQMoGgsRjN49fp6v4xOE0yGqkksZfblAnWh2c4nUdb&sai=AMfl-YRyLtaU8cTOON5pKSQGjfF2qsrjJsI9PwVAja5fYAjH-UWXgzhKNA-7INU8aGVtPg78P-jGKBNztcsrEY-ztG1yFy5jnmaVb6ZOptr5mn4Bff9lczZlkuv6zxLfpWI&sig=Cg0ArKJSzEr-kav-qimXEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 04 Jan 2024 08:56:34 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 54B5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 20:52:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
43444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 20:52:30 GMT
9.gif
id5-sync.com/c/1013/1246/0/
Redirect Chain
  • https://id5-sync.com/i/1013/8.gif?id5id=ID5*ErV7mcwsu74ZGqb1O4oqShiIputm9eCyOAxnS9GbjdN6ADwRxytSqx2WgaG344SYegEPD1f4ojUOjt4QlOjaJw&o=api&gdpr_consent=undefined&gdpr=false
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F108%2F7%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_co...
  • https://id5-sync.com/c/1013/108/7/2.gif?puid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&ttl=%%TTL%%
  • https://ce.lijit.com/merge?pid=27&3pid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F1245%2F5%2F4.gif%3Fpuid%3D%5BSOVRNID%5D...
  • https://id5-sync.com/c/1013/1245/5/4.gif?puid=H7yYaLZHttzIvJpmTweNNASm&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-add1v_2kFmrLuV1IWzXia1m5QxUk_xpL3XjjokqSew&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1013%2F124%2F4%2F5.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-add1v_2kFmrLuV1IWzXia1m5QxUk_xpL3XjjokqSew&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1013%2F124%2F4%2F5.gif%3F...
  • https://id5-sync.com/cq/1013/124/4/5.gif?puid=f501ae40-c8fe-4c1d-be07-b5ee7674725a&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F429%2F3%2F6.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/1013/429/3/6.gif?puid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F796%2F2%2F7.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consen...
  • https://id5-sync.com/c/1013/796/2/7.gif?puid=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F203%2F1%2F8.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/1013/203/1/8.gif?puid=dfd9c401-4826-49c5-a91b-134ec9897dcf&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=636979850693708765&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F1246%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://id5-sync.com/c/1013/1246/0/9.gif?puid=H7yYaLZHttzIvJpmTweNNASm&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/1013/1246/0/9.gif?puid=H7yYaLZHttzIvJpmTweNNASm&gdpr=0&gdpr_consent=
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 04 Jan 2024 08:56:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://id5-sync.com/c/1013/1246/0/9.gif?puid=H7yYaLZHttzIvJpmTweNNASm&gdpr=0&gdpr_consent=
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame DBA8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LQYZ3LUL-20-86GL
  • https://usersync.gumgum.com/usersync?b=mag&i=LQYZ3LUL-20-86GL
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LQYZ3LUL-20-86GL
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LQYZ3LUL-20-86GL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Expires
0
e21910fd923a6283b5d44b2382eabc86.js
www.gstatic.com/mysidia/ Frame 9FC8 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 09:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 02 Apr 2024 09:18:44 GMT
f3d12415f986ed3504122551351bc1d0.js
www.gstatic.com/mysidia/ Frame 9FC8 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 20:48:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16637
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 28 Mar 2024 20:48:49 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 9FC8 		2 KB
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48783
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:32 GMT
50459845d1cbd526a76ea757de42d266.js
www.gstatic.com/mysidia/ Frame 9FC8 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 00:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9842
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Apr 2024 00:23:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/ Frame 9FC8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/abg_lite_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48783
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 9FC8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 14:15:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
67242
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:15:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 9FC8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
48782
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9FC8 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
sffe /
Resource Hash
b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62553
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:56:34 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 9FC8 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
410504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 29 Mar 2024 14:54:51 GMT
pixel
protected-by.clarium.io/ Frame 9FC8 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31hj9r0i7j&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDExNjUxODMwMS9JTjQ0Tk0vSU40NE5NLUREQS5CIiwieSI6NTY1NDk2LCJjbyI6MCwicyI6Im1tdC00MjU4YWZlYS05NjBmLTQxOWEtOWNkMy1kOWIzOTQzNzQyMjBfMV8yX2FkIn19&cb=7962638&h=duperb-shop.ngontinh24.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-254-41.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CE5C
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEOHJBl8Dzh61g2UmLWERRjM&google_cver=1&google_push=AXcoOmTyeB212Tt4T9HXPztwh8Hs__eri6mBqos5PrRMdCa3V_JpJjJtrra_3w1BSuooMXktwFngyxfAcrjhCyh0vMnLwUVxOGw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=42D3FF6D47FB4FDCBA093AD588E3B0A1&google_push=AXcoOmTyeB212Tt4T9HXPztwh8Hs__eri6mBqos5PrRMdCa3V_JpJjJtrra_3w1BSuooMXktwFngyxfAcrjhCyh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=42D3FF6D47FB4FDCBA093AD588E3B0A1&google_push=AXcoOmTyeB212Tt4T9HXPztwh8Hs__eri6mBqos5PrRMdCa3V_JpJjJtrra_3w1BSuooMXktwFngyxfAcrjhCyh0vMnLwUVxOGw
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=42D3FF6D47FB4FDCBA093AD588E3B0A1&google_push=AXcoOmTyeB212Tt4T9HXPztwh8Hs__eri6mBqos5PrRMdCa3V_JpJjJtrra_3w1BSuooMXktwFngyxfAcrjhCyh0vMnLwUVxOGw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 03 Jan 2024 08:56:34 GMT
pixel
cm.g.doubleclick.net/ Frame CE5C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESELLTgWPemF-TUCfpycq3CjI&google_cver=1&google_push=AXcoOmT5IjLxZ3JOR2WRTZWG-6koYOtHuR-Q0w0xpVhTduSjaZANujjLDkqv-n122ckEThxoRrgFXZfeC4nwr00x4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk2ZmY1YTgtNTA5YS00YWQ3LTllN2UtNWY2ZGZjYjQyMjA1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk2ZmY1YTgtNTA5YS00YWQ3LTllN2UtNWY2ZGZjYjQyMjA1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk2ZmY1YTgtNTA5YS00YWQ3LTllN2UtNWY2ZGZjYjQyMjA1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
date
Thu, 04 Jan 2024 08:56:34 GMT
server
Kestrel
content-length
423
asr
aid.send.microad.jp/g/ Frame CE5C 		43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEEu6Tp_bTwc-IleHQkYChoc&google_cver=1&google_push=AXcoOmRXu8CH6hm6OH0Th3ZCY2AlKZmqRuK0HftJ3h_eVKLpLnsgjji15UkuTByqhIxXMS8r_rW_ghavQVPawFntQldCOTbbat5k
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:35 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame CE5C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_push=AX...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_hm=ZZZywtRGY3i0IrndgkdX3AAAC4EAAAIB&google_nid=index&google_push=AXcoOmTh3z7Mn8DP2Stluh1ij1awnPJBDrrfQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_hm=ZZZywtRGY3i0IrndgkdX3AAAC4EAAAIB&google_nid=index&google_push=AXcoOmTh3z7Mn8DP2Stluh1ij1awnPJBDrrfQKUbhsy5yzgyS3Tx3D5fhQrJbV62BWHEa9sRlxN_MZRnE6-cGg6BtU6KnFbcmpSH
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NfgHcUKz1Nn7NVejaaPpqqn1io6DG0zSRdhzPtW8sPrnyKHJahk%2FN4xYU0QiRjPkaDepkcfzj39mA%2BRBuGUE%2BWshxFywjT0bRTWkiIzAkeOfbYOCY5sPItE7n69gdNBEuMNSFr9ESy3xw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_hm=ZZZywtRGY3i0IrndgkdX3AAAC4EAAAIB&google_nid=index&google_push=AXcoOmTh3z7Mn8DP2Stluh1ij1awnPJBDrrfQKUbhsy5yzgyS3Tx3D5fhQrJbV62BWHEa9sRlxN_MZRnE6-cGg6BtU6KnFbcmpSH
cache-control
no-cache
cf-ray
840244e2cfbe74c6-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame CE5C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJCaOtKJW7ekA23FCQg88NY&google_cver=1&google_push=AXcoOmSrtqttLx1mq9iBfGcOKaLVxcpK-erv4myDlrUVPmzDr5JPJdv4cOtOjf9F0qqpx9Q_jSqjZt...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSrtqttLx1mq9iBfGcOKaLVxcpK-erv4myDlrUVPmzDr5JPJdv4cOtOjf9F0qqpx9Q_jSqjZtkRdb0BgGtgxzjQyN82e6Uc&google_hm=MzAxMTI5Nj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSrtqttLx1mq9iBfGcOKaLVxcpK-erv4myDlrUVPmzDr5JPJdv4cOtOjf9F0qqpx9Q_jSqjZtkRdb0BgGtgxzjQyN82e6Uc&google_hm=MzAxMTI5NjI1MDAyNDQ5OTI2Mw%3D%3D
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSrtqttLx1mq9iBfGcOKaLVxcpK-erv4myDlrUVPmzDr5JPJdv4cOtOjf9F0qqpx9Q_jSqjZtkRdb0BgGtgxzjQyN82e6Uc&google_hm=MzAxMTI5NjI1MDAyNDQ5OTI2Mw%3D%3D
date
Thu, 04 Jan 2024 08:56:34 GMT
content-length
0
/
onetag-sys.com/match/ Frame CE5C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOR97lrEJTwCDw-u45ueqd0&google_cver=1&google_push=AXcoOmQKzAfBto-zvUguZmyLhGXZxqg_i4P91fLLEUNK_2EDj0OsKtx5FHPHWK1RGcicQCI5KplHJKWTQM8...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQKzAfBto-zvUguZmyLhGXZxqg_i4P91fLLEUNK_2EDj0OsKtx5FHPHWK1RGcicQCI5KplHJKWTQM8tQrqpwWIfsY_riPkBxg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CE5C
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEOZlhzfv5mpEmf14M4o30iA&google_cver=1&google_push=AXcoOmSPXLsmKsXwGOey7BRPVf9Xm2iyVpsCYo2oM7IEIevcncM6ahNdB_6pHUbWl7s...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSPXLsmKsXwGOey7BRPVf9Xm2iyVpsCYo2oM7IEIevcncM6ahNdB_6pHUbWl7s0F3Yt1fiaHdsBXPG8revwLFk9UuF0sywIUg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSPXLsmKsXwGOey7BRPVf9Xm2iyVpsCYo2oM7IEIevcncM6ahNdB_6pHUbWl7s0F3Yt1fiaHdsBXPG8revwLFk9UuF0sywIUg
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
1462d63
date
Thu, 04 Jan 2024 08:56:34 GMT
x-bytefaas-request-id
2024010408563462BCBC2D497E222171A2
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24010408563462BCBC2D497E222171A2-5EEF37B97BE2D823-00
x-cache
TCP_MISS from a23-209-100-87.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=7
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024010408563462BCBC2D497E222171A2
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSPXLsmKsXwGOey7BRPVf9Xm2iyVpsCYo2oM7IEIevcncM6ahNdB_6pHUbWl7s0F3Yt1fiaHdsBXPG8revwLFk9UuF0sywIUg
x-bytefaas-execution-duration
3.33
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
011dfe39ca07daf9d8ccc7c719765f296be0a4d89b29e24040d815443dca8723ec84fa8779b8da2cb71914b4fd2040f98eb3bcdb4dc647424a07d3ea96ebfe640ac1b273cdebc714a83d391395cf6191a1b6f96a0c6d4ca6603158aec8fb0d9565
x-origin-response-time
7,23.209.100.87
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Thu, 04 Jan 2024 08:56:34 GMT
attr
cm.g.doubleclick.net/pixel/ Frame CE5C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IGP1PR-iqw_hOMcGau6-CFBZamdgqp1jeP7gBerkk0BKjSlqVgqZAjnjh9yFpfLJEmEB7Nyx8
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
hde.tynt.com/deb/ Frame 52EE
Redirect Chain
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
  • https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
4afb26be16e5f3fd6c668ad16595e946ab4efda06cd386799f2a901931a7e3ec

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1403
content-type
text/html
date
Thu, 04 Jan 2024 08:56:34 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Thu, 04 Jan 2024 08:56:34 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
usermatch
ssum-sec.casalemedia.com/ Frame 22D0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c67f3753e4594d2647a01c88ae2ce8715234f8f721e3683a0ff20085c7673ba

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
840244e29fa674c6-MIA
content-encoding
br
content-type
text/html
date
Thu, 04 Jan 2024 08:56:35 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0Xy4wTCjMbBKYSu5qPKsML9j6ej%2FhiiD77bhY4G7HdBJXwC0auIuxy9lAh6DG7Dckdfocpu3SVB%2FjOsamWyQ46BtwA3oUKCvZmNnc%2FJepm21peK2feh8mh3UtFpu2ybYTbIe90HeZfEng%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
840244e22f6474c6-MIA
content-length
0
date
Thu, 04 Jan 2024 08:56:34 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWDTiVkBkVReGnulKAm4AM%2BEjuA7SzsXESUU7f68MhPS3rCkPrOJvKgBzVDQDBWfQ00Xr8FbKnEXt0ueEpBJMBgpLgwdZ7lMIUWUzFevGtm6tLQYZ2pkFRnvHS0I4porv5YcabCKiT69sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame BE59 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usersync
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=-1&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=19989a4361a90581&is_secure=true&networkId=17100&version=1&nuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAClYqgdsPlNAN7ny68AAAAAAA&expiration=1704444995&nuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DEA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&us_privacy=%24%7BUS_PRIVAC...
  • https://router.infolinks.com/dyn/usersync?pmuservalue=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
0
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/usersync?pmuservalue=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
840244e7edb35c64-MIA
content-length
0

Redirect headers

location
https://router.infolinks.com/dyn/usersync?pmuservalue=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
apn-usync
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=636979850693708765
35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=636979850693708765
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e28a195c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:34 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
an-x-request-uuid
33d89570-51a4-4c3b-b7c4-96dfe43b2f77
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://router.infolinks.com/dyn/apn-usync?user_id=636979850693708765
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sthr-us
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=k0cy4N0g
  • https://router.infolinks.com/dyn/sthr-us?user_id=d47d5a5d-7b3c-413f-a3f9-885860ad57ae
35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sthr-us?user_id=d47d5a5d-7b3c-413f-a3f9-885860ad57ae
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e249f75c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:34 GMT

Redirect headers

location
https://router.infolinks.com/dyn/sthr-us?user_id=d47d5a5d-7b3c-413f-a3f9-885860ad57ae
date
Thu, 04 Jan 2024 08:56:34 GMT
content-length
0
iqm-us
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://pxl.iqm.com/i/ck/infolink?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fiqm-us%3Fuid%3D%7BIQM_COOKIE%7D%20
  • https://router.infolinks.com/dyn/iqm-us?uid=2c6ff3ce-a40c-428a-83f4-3fb324b9cbe5
35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/iqm-us?uid=2c6ff3ce-a40c-428a-83f4-3fb324b9cbe5
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e31a695c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:35 GMT

Redirect headers

date
Thu, 04 Jan 2024 08:56:35 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/avif;charset=UTF-8
location
https://router.infolinks.com/dyn/iqm-us?uid=2c6ff3ce-a40c-428a-83f4-3fb324b9cbe5
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
81
eqv-us
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=112&gdpr=0&gdpr_consent=
  • https://router.infolinks.com/dyn/eqv-us?user_id=3011296250024499263&gdpr=0&gdpr_consent=
35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/eqv-us?user_id=3011296250024499263&gdpr=0&gdpr_consent=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e249f65c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:34 GMT

Redirect headers

location
https://router.infolinks.com/dyn/eqv-us?user_id=3011296250024499263&gdpr=0&gdpr_consent=
date
Thu, 04 Jan 2024 08:56:34 GMT
content-length
0
ox-usync
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
  • https://router.infolinks.com/dyn/ox-usync?uid=e2b90bcc-8c43-4ff2-9b7b-b646fb3061a5
35 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ox-usync?uid=e2b90bcc-8c43-4ff2-9b7b-b646fb3061a5
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e239ed5c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:34 GMT

Redirect headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://router.infolinks.com/dyn/ox-usync?uid=e2b90bcc-8c43-4ff2-9b7b-b646fb3061a5
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
receive
pixel.tapad.com/idsync/ex/ Frame E02A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58786/sync?redir=true
  • https://router.infolinks.com/dyn/VR-usync?uid=y-inTcQAJE2uJrXK1z.nOxW2rmP9Kw_z7t~A
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3399&partner_device_id=y-inTcQAJE2uJrXK1z.nOxW2rmP9Kw_z7t~A
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=636979850693708765&pt=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=636979850693708765&pt=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%2C%2C
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
an-x-request-uuid
6a649557-ec32-4e47-b78d-1c44ebe07a4c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=636979850693708765&pt=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%2C%2C
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame E02A
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7476441822
  • https://sync.1rx.io/usersync/tradedesk/096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
  • https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-d414429b-91ca-4e...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&expires=30
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&expires=30
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&expires=30
date
Thu, 04 Jan 2024 08:56:35 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd414429b91ca4e66977e78ebb86b19bc005
content-type
text/html
zmn-usync
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://router.infolinks.com/dyn/zmn-usync?uid=oaPM0sJO2eiGBZGXbFb6
35 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zmn-usync?uid=oaPM0sJO2eiGBZGXbFb6
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e28a185c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:34 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:34 GMT
Content-Type
text/html; charset=utf-8
Location
https://router.infolinks.com/dyn/zmn-usync?uid=oaPM0sJO2eiGBZGXbFb6
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
90
Expires
Thu, 01 Dec 1994 16:00:00 GMT
tplift
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID
  • https://router.infolinks.com/dyn/tplift?uid=2470123173329690347838
35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/tplift?uid=2470123173329690347838
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e249f85c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:34 GMT

Redirect headers

location
https://router.infolinks.com/dyn/tplift?uid=2470123173329690347838
date
Thu, 04 Jan 2024 08:56:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sonobi-usync
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
  • https://router.infolinks.com/dyn/sonobi-usync?uid=6e6e8eff-b5f9-4db9-b257-c5768bc40410
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sonobi-usync?uid=6e6e8eff-b5f9-4db9-b257-c5768bc40410
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e36a965c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:35 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-55
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://router.infolinks.com/dyn/sonobi-usync?uid=6e6e8eff-b5f9-4db9-b257-c5768bc40410
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
server_match
ad.360yield.com/ Frame E02A 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.218.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-218-249.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 04 Jan 2024 08:56:35 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
outh-usync
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://router.infolinks.com/dyn/outh-usync?uid=y-9hTXqVpE2uF7w27tuBIAokOn_asCwVk1~A
35 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-9hTXqVpE2uF7w27tuBIAokOn_asCwVk1~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e2ea505c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:35 GMT

Redirect headers

location
https://router.infolinks.com/dyn/outh-usync?uid=y-9hTXqVpE2uF7w27tuBIAokOn_asCwVk1~A
date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
qora-usync
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://sync.adkernel.com/user-sync?zone=208912&t=image&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fqora-usync%3Fuid%3D%7BUID%7D
  • https://ap.lijit.com/pixel?&redir=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D208912%26dsp%3D420324%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=208912&dsp=420324&t=image&uid=H7yYaLZHttzIvJpmTweNNASm
  • https://router.infolinks.com/dyn/qora-usync?uid=A6889557712162601980
35 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/qora-usync?uid=A6889557712162601980
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e51be85c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:35 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/qora-usync?uid=A6889557712162601980
Date
Thu, 04 Jan 2024 08:56:35 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
0
frwh-us
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3695&gdpr=&gdpr_consent=
  • https://router.infolinks.com/dyn/frwh-us?user_id=ba29f0725862814f34312b35923b1c62&gdpr_consent=&gdpr=
35 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/frwh-us?user_id=ba29f0725862814f34312b35923b1c62&gdpr_consent=&gdpr=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e62c9a5c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:35 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:35 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://router.infolinks.com/dyn/frwh-us?user_id=ba29f0725862814f34312b35923b1c62&gdpr_consent=&gdpr=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1704358595483026-13
sovrn-usync
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
  • https://router.infolinks.com/dyn/sovrn-usync?uid=H7yYaLZHttzIvJpmTweNNASm
35 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=H7yYaLZHttzIvJpmTweNNASm
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e44b005c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:35 GMT

Redirect headers

Date
Thu, 04 Jan 2024 08:56:35 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=H7yYaLZHttzIvJpmTweNNASm
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame E02A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=-1&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=173b4786db7c069b&is_secure=true&networkId=17100&version=1&nuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABcSc2fYNP5AMmLK9uAAAAAAA&expiration=1704444995&nuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
0
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
3.217.69.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-69-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT

Redirect headers

location
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
date
Thu, 04 Jan 2024 08:56:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
95
content-type
text/html; charset=utf-8
mnet-usync
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
  • https://router.infolinks.com/dyn/mnet-usync?uid=3473601931523688000V10
35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/mnet-usync?uid=3473601931523688000V10
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e36a9a5c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:35 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://router.infolinks.com/dyn/mnet-usync?uid=3473601931523688000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Thu, 04 Jan 2024 08:56:35 GMT
mgid-us
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://cm-x.mgid.com/5abf3d2eff2f70c0a0669cd9f0f84ba0.gif?puid=[UID]&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmgid-us%3Fuser_id%3D%5BUID%5D
  • https://router.infolinks.com/dyn/mgid-us?user_id=24e02afd-9be6-4ed8-9445-99318014a9e7
35 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/mgid-us?user_id=24e02afd-9be6-4ed8-9445-99318014a9e7
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e51be75c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:35 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:35 GMT
Transfer-Encoding
chunked
Location
https://router.infolinks.com/dyn/mgid-us?user_id=24e02afd-9be6-4ed8-9445-99318014a9e7
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
tap.php
pixel.rubiconproject.com/ Frame E02A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=infolinks
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2597021795
  • https://sync.1rx.io/usersync/tradedesk/096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
  • https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-d414429b-91ca-4e...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&expires=30
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&expires=30
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&expires=30
date
Thu, 04 Jan 2024 08:56:35 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd414429b91ca4e66977e78ebb86b19bc005
content-type
text/html
qc-usync
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
  • https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=ZtxDc2fbGXd93k52Y9tXdmOIHyB92htwZ92ZQUBk
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=ZtxDc2fbGXd93k52Y9tXdmOIHyB92htwZ92ZQUBk
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e40ae65c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:35 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=ZtxDc2fbGXd93k52Y9tXdmOIHyB92htwZ92ZQUBk
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
zeta-usync
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=1797288129605757534
35 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=1797288129605757534
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e6cce15c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:35 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=1797288129605757534
Date
Thu, 04 Jan 2024 08:56:35 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
disus
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks
  • https://router.infolinks.com/dyn/disus?uid=ua-d400ded6-2d9e-327e-a8ba-f5c0ce55b761
35 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/disus?uid=ua-d400ded6-2d9e-327e-a8ba-f5c0ce55b761
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e4cb845c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:35 GMT

Redirect headers

location
https://router.infolinks.com/dyn/disus?uid=ua-d400ded6-2d9e-327e-a8ba-f5c0ce55b761
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
no-store
content-length
0
expires
0
33a-usync
router.infolinks.com/dyn/ Frame E02A
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
  • https://router.infolinks.com/dyn/33a-usync?uid=212406146400894
35 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/33a-usync?uid=212406146400894
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e4fb975c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:35 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://router.infolinks.com/dyn/33a-usync?uid=212406146400894
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame E02A
Redirect Chain
  • https://router.infolinks.com/dyn/iq-usync
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=8d0b7f0c-bc31-4eca-a0a1-6a1e574956ed&3rddpi=1810047279&3rdpcid=2c6ff3ce-a40c-428a-83f4-3fb324b9cbe5&3...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=8d0b7f0c-bc31-4eca-a0a1-6a1e574956ed&3rddpi=1810047279&3rdpcid=2c6ff3ce-a40c-428a-83f4-3fb324b9cbe5&...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=8d0b7f0c-bc31-4eca-a0a1-6a1e574956ed&3rddpi=1810047279&3rdpcid=2c6ff3ce-a40c-428a-83f4-3fb324b9cbe5&3rddpi=1639354730&3rdpcid=y-9hTXqVpE2uF7w27tuBIAokOn_asCwVk1%7EA&3rddpi=1634346717&3rdpcid=oaPM0sJO2eiGBZGXbFb6&3rddpi=1213503647&3rdpcid=y-inTcQAJE2uJrXK1z.nOxW2rmP9Kw_z7t%7EA&3rddpi=1239766150&3rdpcid=e2b90bcc-8c43-4ff2-9b7b-b646fb3061a5&3rddpi=443164713&3rdpcid=ZtxDc2fbGXd93k52Y9tXdmOIHyB92htwZ92ZQUBk&3rddpi=1023151617&3rdpcid=d47d5a5d-7b3c-413f-a3f9-885860ad57ae&ckls=true&ci=fdgDXCEEHQ&nc=false&trid=1161958804
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Server
54.192.51.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-9.yul62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 144825e0e5f4523d1f7ce8c9b62cd908.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
LqmdhL07vXguaW6iRt4l9JfcnaHSQZ9se6HkHYSqUjk2wfOMbnCgXg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 0fb05a472bd2fcfe266ed8a7a987ab1e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=8d0b7f0c-bc31-4eca-a0a1-6a1e574956ed&3rddpi=1810047279&3rdpcid=2c6ff3ce-a40c-428a-83f4-3fb324b9cbe5&3rddpi=1639354730&3rdpcid=y-9hTXqVpE2uF7w27tuBIAokOn_asCwVk1%7EA&3rddpi=1634346717&3rdpcid=oaPM0sJO2eiGBZGXbFb6&3rddpi=1213503647&3rdpcid=y-inTcQAJE2uJrXK1z.nOxW2rmP9Kw_z7t%7EA&3rddpi=1239766150&3rdpcid=e2b90bcc-8c43-4ff2-9b7b-b646fb3061a5&3rddpi=443164713&3rdpcid=ZtxDc2fbGXd93k52Y9tXdmOIHyB92htwZ92ZQUBk&3rddpi=1023151617&3rdpcid=d47d5a5d-7b3c-413f-a3f9-885860ad57ae&ckls=true&ci=fdgDXCEEHQ&nc=false&trid=1161958804
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
HiYtSAV2wESTV85k9bRdJntlgT5LorQm5YTlhXOPIGJawa4goITUIw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame DBA8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQYZ3LUL-20-86GL
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQYZ3LUL-20-86GL
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQYZ3LUL-20-86GL
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
capi.connatix.com/us/ Frame DBA8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LQYZ3LUL-20-86GL&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LQYZ3LUL-20-86GL&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQYZ3LUL-20-86GL&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
840244e36b70b3ef-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 04 Jan 2024 08:56:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQYZ3LUL-20-86GL&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
840244e2eb21b3ef-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
setuid
ib.adnxs.com/prebid/ Frame DBA8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQYZ3LUL-20-86GL
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQYZ3LUL-20-86GL
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
an-x-request-uuid
b0e3f0cc-d27e-4b15-9ee2-20ed44f7814d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQYZ3LUL-20-86GL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
Expires
0
tap.php
pixel.rubiconproject.com/ Frame DBA8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=75VtjvQJUThyUo15rWbu4SaEdkQ
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=75VtjvQJUThyUo15rWbu4SaEdkQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
574abe46412f7df61ec8713ff1a5b646
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=75VtjvQJUThyUo15rWbu4SaEdkQ
Date
Thu, 04 Jan 2024 08:56:34 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame DBA8
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=4c274e16-0996-4920-97e8-8091cd32e709
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=4c274e16-0996-4920-97e8-8091cd32e709
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername
Track001-iad
pragma
no-cache
date
Thu, 04 Jan 2024 08:55:42 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=4c274e16-0996-4920-97e8-8091cd32e709
cache-control
private,no-cache
content-length
223
expires
-1
tap.php
pixel.rubiconproject.com/ Frame DBA8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=3718888275283899047
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=3718888275283899047
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=3718888275283899047
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame DBA8
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=dfd9c401-4826-49c5-a91b-134ec9897dcf
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=dfd9c401-4826-49c5-a91b-134ec9897dcf
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=dfd9c401-4826-49c5-a91b-134ec9897dcf
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1869575
content-length
0
expires
Thu, 04 Jan 2024 00:00:00 GMT
Rubicon
s.seedtag.com/cs/cookiesync/ Frame DBA8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQYZ3LUL-20-86GL
0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQYZ3LUL-20-86GL
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQYZ3LUL-20-86GL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
Expires
0
tap.php
pixel.rubiconproject.com/ Frame DBA8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7995778992001487599&expires=60&gdpr=0&gdpr_consent=
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7995778992001487599&expires=60&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7995778992001487599&expires=60&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame DBA8
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=636979850693708765&expires=30
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=636979850693708765&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
an-x-request-uuid
cf052813-04ec-4b90-bcdb-ffa6f7e11e61
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=636979850693708765&expires=30
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame DBA8
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=925205737
  • https://sync.1rx.io/usersync/tradedesk/096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
  • https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-d414429b-91ca-4e...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&expires=30
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&expires=30
date
Thu, 04 Jan 2024 08:56:35 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd414429b91ca4e66977e78ebb86b19bc005
content-type
text/html
esync
token.rubiconproject.com/ Frame DBA8
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 04 Jan 2024 08:56:34 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame DBA8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQYZ3LUL-20-86GL
0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQYZ3LUL-20-86GL
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQYZ3LUL-20-86GL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
redirect
exchange.mediavine.com/usersync/ Frame DBA8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQYZ3LUL-20-86GL
0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQYZ3LUL-20-86GL
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
52.203.254.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-254-189.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQYZ3LUL-20-86GL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b08c627b67f10e75995ce6908d3f9f7b
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame DBA8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQYZ3LUL-20-86GL&name=RUBICON
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQYZ3LUL-20-86GL&name=RUBICON
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
9
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQYZ3LUL-20-86GL&name=RUBICON
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005
sync.targeting.unrulymedia.com/csync/ Frame DBA8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly
  • https://sync.1rx.io/usersync/rubicon/LQYZ3LUL-20-86GL
  • https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
AGSKWxXW_wmn8psJsuGgQbRYUgyeWKJ942YfLXQI50J3CN_3RqS7slk4mwfZj2_hth0c5PpaaDxxi7o1x9xSjxQ8OZRBgPPRbHDEJcBfT268rGQ3D8vdebl8YfPzI039o0Ym3eIeXB8bbQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXW_wmn8psJsuGgQbRYUgyeWKJ942YfLXQI50J3CN_3RqS7slk4mwfZj2_hth0c5PpaaDxxi7o1x9xSjxQ8OZRBgPPRbHDEJcBfT268rGQ3D8vdebl8YfPzI039o0Ym3eIeXB8bbQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/am=wA/d=1/rs=AJlcJMyiHPCAyLFmNsmEoAFl7FGwL5Wu8Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WWrGHeIEvFPpmBKwLYkYFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WWrGHeIEvFPpmBKwLYkYFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUq552qP15L-JUb3ftanKTygkdYxw3g9jYZpRb8YggGH3EgjWfJ77BVnWMFY2cTkMg8viMwIQIg6654xqU9vA0pAkxhmDTSoT1bxEjkStIqgJ8R-HjpCrxiomiJ-xnONriBAeBMqA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUq552qP15L-JUb3ftanKTygkdYxw3g9jYZpRb8YggGH3EgjWfJ77BVnWMFY2cTkMg8viMwIQIg6654xqU9vA0pAkxhmDTSoT1bxEjkStIqgJ8R-HjpCrxiomiJ-xnONriBAeBMqA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MzU4NTk0LDg3ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZHVwZXJiLXNob3AubmdvbnRpbmgyNC5jb20vIixudWxsLFtbOCwiZlh3ZFM4TmlJWm8iXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTgsIltbWzBdXV0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/am=wA/d=1/rs=AJlcJMyiHPCAyLFmNsmEoAFl7FGwL5Wu8Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
71ee4bb61ca7d8b2a71f2ec094d9635ce3f56a689ce9d9eb3d5bf6a913135638
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gRTDfXGP4tXBnI2Y01zqgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gRTDfXGP4tXBnI2Y01zqgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2772 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CfbxlwHKWZfL8DvyhjvQP-YOX-Ay-laSvbPfa0tOsDMCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBIICT9A5YjrvgYLoudU39RHOAhAXL9mmxOlIDq_1YrKD90A8Cj7cysfwFaSKYdIUT--Pj5jKKYf8-dAFkj4tnOerAOUBaCgbGEkjJA6evfl3Go5qdNO2UvlE9PRgCiKxKtrEwYymnExs1bIrfR-HFD29eDIGR4zdYzMd8Mu_u4MIpk1O9mNCXdJsWqdc41IZrhh0z8m5juYXC5wR1hjUiEC13V3uaoU0Jv7j7UUBoBbfXzSiljx7IBFBuRx2RhAqbV-k1FKXEjFkNJE-u83Jwcd1wSSSxaSvySAudoozFYkigiWUlKLspkUmJosp-LBSdQMBd6izGYlUTuNate7Piw8uHFwv4AQBgAbB9sCb5MPd6ZsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WM6c1sOuw4MDgAoD-gsCCAGADAHiDRMInMbWw67DgwMV_JCDCB35wQXP0BUBgBcBshccChoSFHB1Yi0zOTQ0OTU0ODYyMzE2MjgzGJjbEA&sigh=EMxjHBPY02k&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_Gkv7gglPq_D4_BeKpCy9CIvx-Mxo6NZ14SbJNISLKtcCfIfTD3225T8DCT2vvTSycro5A3JNBxgB&cbvp=2&vis=1
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
log
hblg.media.net/ Frame 2772 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAAUDE1NjIyNjUxMTA4Njg1Nl8xMjk0OTkzNjY5XzgzOTI4ODY0MzQ2MDFAMmNjZWE1Yjk4NWZhY2YwNGI3OGVhY2M3ZTcxNjQwZTmYB0jhehSuR9E_RGh0dHBzOi8vZHVwZXJiLXNob3AubmdvbnRpbmgyNC5jb20EVVMA6AFNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMjkgU2FmYXJpLzUzNy4zNjRkdXBlcmItc2hvcC5uZ29udGluaDI0LmNvbRI4Q1VVOUpGOEgIDDcyOHg5MAgwLjIxDmVhc3Rfc2MGQURYCAhudXJsAAAAAAAAAFRAuv2Bu5pjAjEAAAAAAADwv0BydGItYXBwbmV4dXMtNzdjYjljNDg1OS1zYnF2OS5TQz4xNzAwMDgwODA3NjgzMzAwNzI4MDA5MDAwMDU5NTAwAhA2MjMyYzg5NwJkAg&cbvp=2
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 04 Jan 2024 08:56:34 GMT
log
qsearch-a.akamaihd.net/ Frame 2772 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=2ccea5b985facf04b78eacc7e71640e9&bdp=0.2700&bidfp=0.0500&cc=US&cid=8CUU9JF8H&crid=839288643&ct=miami&dc=east_sc&dn=duperb-shop.ngontinh24.com&iwb=1&ogcbdp=0.2700&other_bids=0.27&other_prv=460&pbshr=100.0000&requrl=duperb-shop.ngontinh24.com&sat=1&sc=FL&sc_pvid=460&send_erpm=false&server=6&size=728x90&strg=smm_migration_test&totalTime=960110&ugd=4&ver=9.6.4&cliIP=0&time_stamp=2024-01-04%2008%3A56%3A32&seat=BID_API&itype=adx&req_id=oNGN536AaM4nnz64J7W1zw&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.129%20Safari%2F537.36&br_ver=120.0.6099.129&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&seg=long_tail_homepage_catchall&f_seg=long_tail_homepage_catchall&ogerpm=0.27&ogerpm_used=false&rawbid=0.27&totalTimeBucket=0&sub_bidder=196&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.8&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=1&bdp_wider_bucket=1&adblk=891648550&advurl=related.investorfocus.net%2F&bdr_typ=1&clisp=rtb-appnexus-77cb9c4859-sbqv9.SC&dmm_m22=0.2700&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080807683300728009000059500&zone=d&rc=-1&sfm_key=mowx_null&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-lite-78f788cb9b-ss4wm&djvm=9.5.8&cbvp=2
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.182 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:35 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 04 Jan 2024 08:56:35 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2A02 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CS8LkwHKWZeTpCom1jvQPvsazwAa-laSvbPfa0tOsDMCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBIYCT9DLR3F-GhaRIOM7gReHKK8n7Tfc-FTbrXKlE5h_NCSPtNm4Rsu7EcQQmtuFriSfv2bIa9wLKKEJY5RADG_N0MucH_X8G767L6J0l1LadKnI0N0VADvFCiO5KuHJCMFdevSwhVw5V8PD-91A14-x3TdQbRVahnnEpGPFndwm5nlEpYSk41g7M_KD_gHReFCygtVYhvaHvAQ2MW7EWimqmvpGSDGpCfy70RMd_q83pzdudmGotWkAQkETvjPNOHtOV4ROMVXyZZhI84Q3yEgqAL9R2gzM3OggQTBCeIYbwfB5QmKarFrVUe8lwi09aOTiMtQ1ccj45KS-M7qL2xv8K-P4NTiWkOAEAYAGjYOftsqIooSrAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliDltLDrsODA4AKA_oLAggBgAwB4g0TCNPM0sOuw4MDFYmagwgdPuMMaNAVAYAXAbIXHAoaEhRwdWItMzk0NDk1NDg2MjMxNjI4MxiY2xA&sigh=preb_8HNIvs&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_yVZ1HSwCDVwblNJ63yjmF49cprMi112STIkqBAikELgyaapT2GfeCd8b78d89HnnCpkNMdPVmhgB&cbvp=2&vis=1
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
log
hblg.media.net/ Frame 2A02 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAATjI0ODY3Mjk4ODAyODQxOV84NTUzNzI1NjVfODM5Mjg4NjQzNDYwMUA1YmFjZmM2MTU0NzM5ZjQyYjgwNTY1MTU3MTNiZjk3MZgHUrgehetRyD9EaHR0cHM6Ly9kdXBlcmItc2hvcC5uZ29udGluaDI0LmNvbQRVUwDoAU1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEyOSBTYWZhcmkvNTM3LjM2NGR1cGVyYi1zaG9wLm5nb250aW5oMjQuY29tEjhDVVU5SkY4SAgOMzAweDI1MAgwLjE0DmVhc3Rfc2MGQURYCAhudXJsAAAAAAAAAFdAyvyBu5pjAjEAAAAAAADwv0BydGItYXBwbmV4dXMtNzdjYjljNDg1OS1seHNnai5TQz4xNzAwMDgwODA3NjgzMzAwMzAwMDI1MDAwMDU5NTAwAhA2MjMyYzg5NwJkAg&cbvp=2
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 04 Jan 2024 08:56:34 GMT
log
qsearch-a.akamaihd.net/ Frame 2A02 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=5bacfc6154739f42b8056515713bf971&bdp=0.1900&bidfp=0.1100&cc=US&cid=8CUU9JF8H&crid=839288643&ct=miami&dc=east_sc&dn=duperb-shop.ngontinh24.com&iwb=1&ogcbdp=0.1900&other_bids=0.19&other_prv=460&pbshr=100.0000&requrl=duperb-shop.ngontinh24.com&sat=1&sc=FL&sc_pvid=460&send_erpm=false&server=6&size=300x250&strg=smm_migration_test&totalTime=711503&ugd=4&ver=9.6.4&cliIP=0&time_stamp=2024-01-04%2008%3A56%3A32&seat=BID_API&itype=adx&req_id=z-Lo-HaKC-wEc2LkvQTZLA&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.129%20Safari%2F537.36&br_ver=120.0.6099.129&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&seg=long_tail_homepage_catchall&f_seg=long_tail_homepage_catchall&ogerpm=0.19&ogerpm_used=false&rawbid=0.19&totalTimeBucket=0&sub_bidder=196&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.92&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=1&bdp_wider_bucket=1&adblk=4276375253&advurl=related.investorfocus.net%2F&bdr_typ=1&clisp=rtb-appnexus-77cb9c4859-lxsgj.SC&dmm_m22=0.1900&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080807683300300025000059500&zone=d&rc=-1&sfm_key=mowx_null&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-lite-78f788cb9b-zm72p&djvm=9.5.8&cbvp=2
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.182 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:35 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 04 Jan 2024 08:56:35 GMT
iqusync-1.26.min.js
resources.infolinks.com/static/usync/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/usync/iqusync-1.26.min.js
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/lcmanage?pid=3245929&wsid=0&pdom=duperb-shop.ngontinh24.com&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84f1c50bf0e9ba617aa63fe19f1a6026d6c424771fffcbfa3f9bb14ba95d59d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 11:50:03 GMT
server
cloudflare
age
9432
etag
W/"993-60b4922bbf851"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
840244e239ee5c64-MIA
expires
Sat, 03 Feb 2024 06:19:22 GMT
css
fonts.googleapis.com/ Frame 54DF 		2 KB
555 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:400
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/516d85f1a3fc778d26bcf79692ddf242.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
17317b7dc349951f32e31ca33e49a7405e1e60384485da472aab5225c4ccf1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jan 2024 08:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 07:43:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jan 2024 08:56:34 GMT
d5435a29cdf293e25ee24dd79b71c38e.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/d5435a29cdf293e25ee24dd79b71c38e.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d47b225460565712cf74d7e590e038e05f03a098fccc984a08f482f36db4ed93
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50759
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
3b777b46c08e1ec65493c2ca556183d4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		113 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/3b777b46c08e1ec65493c2ca556183d4.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eafafb205ec50b963795ef19e4690f90c5941c2605d5d31bd4e22b0dbf27170e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
51201b723fe45875025463d96f0fc0dd.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/51201b723fe45875025463d96f0fc0dd.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
844a3c40ac0aae8539c5737af087eeb540522ca5903162f795bdfbf3e2fdb042
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5080
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
66537b12b083a80229751694740f3042.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		111 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/66537b12b083a80229751694740f3042.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7237e3abae7da99ef56185f7b2dcf53781a6e9f677ab202c221260fd3b1851f2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
2fc43ce0c44d2bd876b558ef41677321.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/2fc43ce0c44d2bd876b558ef41677321.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90a847214fb03bd48f9d5b7882c61f5ed7955cc3bf4c6ff347e95490c120f730
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jan 2024 05:00:47 GMT
age
14147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1588
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
8e779e187904eb5b175e6ce9d88191db.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		112 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/8e779e187904eb5b175e6ce9d88191db.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56243d82f53e3fdd390332f9a8e02c75dce0eb5351ced4bcb363f8d533b0ce0b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
2f8b723339533488bd27ade5256ef6cf.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/2f8b723339533488bd27ade5256ef6cf.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ac192e5a36b6e93c39c378f5ba264f332f5650150face483ae45ec94e18e6d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jan 2024 05:00:47 GMT
age
14147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2642
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
ab5af3a97e63334dcc2843b37c751591.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		107 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ab5af3a97e63334dcc2843b37c751591.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40d90847b61a8a221f1698cb40a76a5fe9b81899da34ceee38053a950a5c56c5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
fa0f05aaef85b7cab633dc20f05da0f3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/fa0f05aaef85b7cab633dc20f05da0f3.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa91ed7d8104858b34338a4e403c48d99e5c18042377e69c49d30a42d8e20dbf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1495
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
3d5d43b9412abe5172dca8ed55ea8d6a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/3d5d43b9412abe5172dca8ed55ea8d6a.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0b12b6f6d70be1490bd520cd667924b0143655328476caa644be9f97ec49dd5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3533
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
prebid
id5-sync.com/api/config/ 		136 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
2aa25a19729df7b573f42c20a108d4ec213403df5ac193414f02f35887e7017c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		108 B
825 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=2jqw284&fmt=json
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
6d1d872251470a1a3138c10f89c79e7a8df7273837e4bad3a0213f56dd654c56

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 03 Feb 2024 08:56:34 GMT
doq.htm
rt3070.infolinks.com/action/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3070.infolinks.com/action/doq.htm?pcode=utf-8&r=17043585948961
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1914.009-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3394ff24813d1f09ffeaaf6b5d3269b4dd6ab5b62d60b25c140a64cbed3f81e0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-language
en-US
cf-ray
840244e31e6a67d2-MIA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E3D8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972&us_privacy=1---
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.120.208 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-120-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=130866
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 04 Jan 2024 08:56:35 GMT
expires
Fri, 05 Jan 2024 21:17:41 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
bloggernetwork-d.openx.net/w/1.0/ Frame 533F 		1 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/pd?us_privacy=1---
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d90d8ed6b3539adec45f3848a19784867c063410a0b7c727881cf63fc87c5c60

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
680
content-type
text/html
date
Thu, 04 Jan 2024 08:56:35 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
cs.html
cs.seedtag.com/ Frame 35E5 		51 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.112.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac2397fbe331fb7cc8c5325752c4af7d6c5cb9204a1f810b89fc93c372cbdd37

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
293
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
840244e318137494-MIA
content-encoding
br
content-type
text/html
date
Thu, 04 Jan 2024 08:56:35 GMT
etag
W/"e1932830098c932fee98b7cc79857ecc"
expires
Fri, 05 Jan 2024 08:56:35 GMT
last-modified
Wed, 13 Dec 2023 15:57:21 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1702483041418398
x-goog-hash
crc32c=eQLC6w== md5=4ZMoMAmMky/umLfMeYV+zA==
x-goog-metageneration
2
x-goog-storage-class
REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
15379
x-guploader-uploadid
ABPtcPqJU73_iWZubF5aVgM5i03fLcq4O50H_046AvM76Ay3aPmV1IyHy6g6zW3erKDxDk93KLhyyOzleg
pbcas
ads.yieldmo.com/ Frame F4B1 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
bb9a7118557eeb047d378f4456061c8ff17777a7b0e2deb1e2624821d7add24f

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 04 Jan 2024 08:56:35 GMT
pragma
no-cache
vary
accept-encoding
checksync.php
contextual.media.net/ Frame 3227 		27 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-124-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c665236adb79dc98a71bf68e632465897f07383a65e4e2797257d3a67575d493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
9673
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:35 GMT
expires
Sat, 06 Jan 2024 08:56:35 GMT
quic-version
0x00000001
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
isyn
prebid.a-mo.net/ Frame 34D2 		2 KB
665 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CtUBShpkdXBlcmItc2hvcC5uZ29udGluaDI0LmNvbVILYWFzLWZjMjU1OGFaCHBiYTEuMy4zahpkdXBlcmItc2hvcC5uZ29udGluaDI0LmNvbfoBBjguMTIuMOgCAYgDv-XZrAaoAzjqAyQ5M2ZlYWEwZC0wMjZiLTRiNTEtYmZjMy0yNjI4ZDIwZmE0YWaqBANEQ0iyBQNVU0TSBQkxMDUxOTk1MzTYBQHgBQHqBQdkZXNrdG9w-gUEZGMxM6oHA3dlYsoHDm5nb250aW5oMjQuY29t4AcB
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
dad497edb6c807568a8187d713ff0adc73a322324af08c10e3a11c694b9478f8

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
600
content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 08:56:34 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
0
/
sync.cootlogix.com/api/sync/iframe/ Frame 7778 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.205.191.172 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b6ab2f2885e9d059a20a61f66358bb55559658f3064a327d610ac489b904f9a5

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
2583
content-type
text/html
date
Thu, 04 Jan 2024 08:56:35 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
usync.html
eus.rubiconproject.com/ Frame 236E 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 08:56:35 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
2000033.html
sync.serverbid.com/ss/ Frame FC08 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2000033.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:3e00:1b:fdeb:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e6ee3a660e14eda56fc4ec4bc845220a52ce5cbb9c44c164e7e881a46b49bc9

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
50624
content-encoding
gzip
content-type
text/html
date
Wed, 03 Jan 2024 18:52:52 GMT
etag
W/"e3980f93156a3a26afc34d0acdc0bf4a"
last-modified
Wed, 03 Jan 2024 15:48:43 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 fe2c65104051140806cad998f531e478.cloudfront.net (CloudFront)
x-amz-cf-id
_xZrwTkN_ypZk4A8Gd6k55X_PRZkvaQYdSrjpozOl02JIFlyiL-BeA==
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
155.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_ef05a4f4-ea21-4132-8f9b-509d7f0f4b21&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/441/434/8/2.gif?puid=6e6e8eff-b5f9-4db9-b257-c5768bc40410&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/2/7/3.gif?puid=636979850693708765&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F6%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/203/6/4.gif?puid=dfd9c401-4826-49c5-a91b-134ec9897dcf&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F796%2F5%2F5.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/441/796/5/5.gif?puid=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&ttl=%%TTL%%
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AAK7pU7LLOYAABZ7UayRiw&id5AccountNum=155&numCascadesAllowed=9
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/155.gif?puid=AAK7pU7LLOYAABZ7UayRiw&id5AccountNum=155&numCascadesAllowed=9
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
text/html;charset=utf-8

Redirect headers

location
https://id5-sync.com/k/155.gif?puid=AAK7pU7LLOYAABZ7UayRiw&id5AccountNum=155&numCascadesAllowed=9
Date
Thu, 04 Jan 2024 08:56:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/ Frame 72DB 		24 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6036f549339e4770f5953209733cae0fe1e6493a28f39b6f72306b1716ed7d56
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
14148
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4210
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 05:00:47 GMT
expires
Fri, 03 Jan 2025 05:00:47 GMT
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ Frame 54DF 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tpc.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 01:07:43 GMT
x-content-type-options
nosniff
age
546532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12276
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:49:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Dec 2024 01:07:43 GMT
receive
pixel.tapad.com/idsync/ex/ Frame F4B1
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=VEcF888LLF8ncRyQhGBf
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=636979850693708765&pt=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=636979850693708765&pt=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%2C%2C
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
an-x-request-uuid
4eb85d80-8916-471f-9b1d-ca1188b0540f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=636979850693708765&pt=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%2C%2C
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame F4B1
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LQYZ3LUL-20-86GL
43 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LQYZ3LUL-20-86GL
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LQYZ3LUL-20-86GL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
sync
ads.yieldmo.com/v000/ Frame F4B1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=636979850693708765&pn_id=an
43 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=636979850693708765&pn_id=an
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
an-x-request-uuid
76cadc78-6d62-4e99-b270-efb9952070b5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=636979850693708765&pn_id=an
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame F4B1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
  • https://ads.yieldmo.com/v000/sync?userid=pGp0OXObzqUD&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
43 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=pGp0OXObzqUD&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
3.219.128.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-200.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://ads.yieldmo.com/v000/sync?userid=pGp0OXObzqUD&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-gskrr
expires
-1
sync
sync-pm.ads.yieldmo.com/ Frame F4B1
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DEA5C9313-A3DA-4BAA-A579-65F7E4A7CF75%26gdpr%3D-1%26gdpr_consent%3D
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=-1&gdpr_consent=
43 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=-1&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
3.229.125.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-125-131.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=-1&gdpr_consent=
date
Thu, 04 Jan 2024 08:56:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rum
dsum-sec.casalemedia.com/ Frame 22D0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&expiration=1706950595&gdpr=0&gdpr_consent=
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&expiration=1706950595&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vut6n%2BVKWSwze1PbpqYmDI5j40CHNkT1OjWQPgSVxJFxY718J7KLnsGWWMg5l24fvuoaaqO1YhtKAXVidqBQ6Sv9Tn0z%2FFPQbvT276wBMQcu4vr1tqu2nVWlwpkwBJaSKn56L09nqN7vLw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
840244e4085d74c6-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&expiration=1706950595&gdpr=0&gdpr_consent=
date
Thu, 04 Jan 2024 08:56:35 GMT
server
Kestrel
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 22D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZZywm0kJuFq_2paTsMZ7QAABncAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_cver=1
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBXEJdsobHJRLE9pNraP46e%2F5xc2neV9ZeIZgW5JEpLnAmegFDbBdBSebtflEHocuGYW3ak2rR3Y50SVhhOWMbHE6l1a1cbSq0L1%2Baan%2Ba%2BfqgS81XXdndzXwuuUAA7IV4moW9Ldi1eWeg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
840244e40b849acc-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pippio.com/api/ Frame 22D0
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZZywm0kJuFq-2paTsMZ7QAA%261655&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZZywm0kJuFq-2paTsMZ7QAA%261655&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=acb33ec328914effa1f7705c73607972
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=acb33ec3-2891-4eff-a1f7-705c73607972
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1cc7-04d2-44ee...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288129605757534&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1c...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&pid=500040&it=1&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704358595.7647069&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
42 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704358595.7647069&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704358595.7647069&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
Date
Thu, 04 Jan 2024 08:56:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
dcm
s.amazon-adsystem.com/ Frame 22D0 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZZywm0kJuFq_2paTsMZ7QAABncAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
37A3BTE1W5EPKMEPQTCP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 22D0
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=970314647640213723
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=970314647640213723
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfwQf05kSAdSlWCcShKAjxE5DIf9nwsfMADBg3V0EvklHkRsS84EVDhIdizcMXFFC1dEFbsTmjjcssabyNPVCXqHyflLE67CPTDlJUy7GevCZ4e0CARDAyv4%2FsInfz1fTzmIEVspOfmdDg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
840244e6cd4e9acc-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=970314647640213723
Date
Thu, 04 Jan 2024 08:56:35 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ZZZywm0kJuFq_2paTsMZ7QAABncAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 22D0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZZZywm0kJuFq_2paTsMZ7QAABncAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZZZywm0kJuFq_2paTsMZ7QAABncAAAIB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZZZywm0kJuFq_2paTsMZ7QAABncAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Server
2600:1f18:4e9:5a05:6096:7d74:cf85:e5f3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZZZywm0kJuFq_2paTsMZ7QAABncAAAIB
date
Thu, 04 Jan 2024 08:56:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame 22D0 		43 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZZZywm0kJuFq_2paTsMZ7QAABncAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.133 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:35 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1704358595473033-1199
rum
dsum-sec.casalemedia.com/ Frame 22D0
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c11e053f-b607-4b5d-8ab0-dc58f3d0ecd2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c11e053f-b607-4b5d-8ab0-dc58f3d0ecd2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YBjtS8sEUseWA3DwEtgcE5jLZImwd85XFAghZrYdB9%2F1jWOTS11V3C%2BXH7RmpKzcS7Po1GuyUDXQiwP302d6kwUUz65cGmKn1zXxq%2FLZEmCMB9%2Fl7FBNzb545YLTgVt%2FukwqPRNoWr2dw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
840244e7edf99acc-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c11e053f-b607-4b5d-8ab0-dc58f3d0ecd2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Thu, 04 Jan 2024 08:56:35 GMT
server
_
content-length
0
ix-usync
router.infolinks.com/dyn/ Frame 22D0 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=ZZZywm0kJuFq-2paTsMZ7QAA%261655
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e47b145c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:35 GMT
cframe.js
assets.a-mo.net/js/ Frame 34D2 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CtUBShpkdXBlcmItc2hvcC5uZ29udGluaDI0LmNvbVILYWFzLWZjMjU1OGFaCHBiYTEuMy4zahpkdXBlcmItc2hvcC5uZ29udGluaDI0LmNvbfoBBjguMTIuMOgCAYgDv-XZrAaoAzjqAyQ5M2ZlYWEwZC0wMjZiLTRiNTEtYmZjMy0yNjI4ZDIwZmE0YWaqBANEQ0iyBQNVU0TSBQkxMDUxOTk1MzTYBQHgBQHqBQdkZXNrdG9w-gUEZGMxM6oHA3dlYsoHDm5nb250aW5oMjQuY29t4AcB
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 2e9033da1cf7b64ac622ab535b39a266.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
194
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"e3fef3a35c249816d0d7aa58df5e6bf4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
840244e418b0db21-MIA
x-amz-cf-id
NwMJOZzNv4kXS1ll3digvybdRkXclpp2eAQTYKA9_Kxddhq6WC6skw==
expires
Thu, 04 Jan 2024 09:56:35 GMT
/
bpi.rtactivate.com/tag/ Frame 533F 		43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=50019&user_id=570102a2-401f-4a02-bc1f-aebdf16fa1e1
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.41.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-41-244.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
37274
stags.bluekai.com/site/ Frame 533F 		62 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/37274?limit=1&id=ee3a71fb-aae0-45ff-a043-1e9098c7a483
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.132.230 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-132-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Thu, 04 Jan 2024 08:56:35 GMT
content-length
62
bk-server
8f87
content-type
image/gif
709996.gif
id.rlcdn.com/ Frame 533F 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame 533F
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=6583bcd7-870f-5d48-2d9d-ca47265a84f2
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=1fvibwpsys9n4
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072960&val=1fvibwpsys9n4
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://us-u.openx.net/w/1.0/sd?id=537072960&val=1fvibwpsys9n4
cache-control
no-cache
cf-ray
840244e50de1741d-MIA
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 533F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=75VtjvQJUThyUo15rWbu4SaEdkQ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=75VtjvQJUThyUo15rWbu4SaEdkQ
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=75VtjvQJUThyUo15rWbu4SaEdkQ
Date
Thu, 04 Jan 2024 08:56:35 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 533F
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=d6a01db8-cded-4430-ac21-1af5e7a5ca01&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZZZyw_ZVWwS9bs1nA8HEhcKA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZZZyw_ZVWwS9bs1nA8HEhcKA
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 04 Jan 2024 08:56:35 GMT
server
Aorta/20231219.0f0182a99
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZZZyw_ZVWwS9bs1nA8HEhcKA
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
435a35bc9ac4
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 533F
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=FnijYTYRwVA8wM0D0I7-ig==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 533F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f
Date
Thu, 04 Jan 2024 08:56:35 GMT
Connection
keep-alive
X-CI-RTID
303ec8da-a646-45cc-8666-b75163639954
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 533F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553&gdpr=0&gdpr_consent=
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:34 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 533F 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=cf505aa1-c490-45f9-9055-1962301b053c
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
iquid.js
resources.infolinks.com/static/ 		54 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/iquid.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.26.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c35a725ae1976af59c99556ad69e993dd9cf474033a75bb9406d59819d573d4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 20 Mar 2023 11:30:07 GMT
server
cloudflare
age
3066
etag
W/"d8c3-5f7533fc75a6e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
840244e3babe5c64-MIA
expires
Sat, 03 Feb 2024 08:05:29 GMT
ima.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.26.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:35 GMT
server
cloudflare
age
46271
etag
W/"65833ebf-2810"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
840244e42a560a2e-MIA
expires
Sun, 07 Jan 2024 08:56:35 GMT
id5.js
resources.infolinks.com/static/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/id5.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.26.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 26 Mar 2023 15:25:02 GMT
server
cloudflare
age
12655
etag
W/"e65f-5f7cf3aed6f0f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
840244e3bac05c64-MIA
expires
Sat, 03 Feb 2024 05:25:40 GMT
ppid.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ppid.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.26.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:46 GMT
server
cloudflare
age
46272
etag
W/"65833eca-2947"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
840244e42a570a2e-MIA
expires
Sun, 07 Jan 2024 08:56:35 GMT
usync.js
eus.rubiconproject.com/ Frame 236E 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71923
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:55:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2772 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssM7R7D4ogP1_gcgwhqCkqlXOqhSiR3j8p9G35HnK8w7jAo3wi57AjKk4WzQ9HS38Ih-dqlfD3nS6e26Gp078xAFN_guoyI_QG_QVwhR3G56P7YXBswtkwT&sig=Cg0ArKJSzKT_SbXT_CJOEAE&id=lidar2&mcvt=1128&p=478,221,572,949&mtos=0,1128,1128,1128,1128&tos=0,1128,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=891648550&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704358592615&rpt=1446&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3D46 		42 B
109 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBDde-uG79PtPJLNMNvT-6EjdlUXAFHwnv1BldWVkbDz24Wn2W3hWkcaCasaN9up5JGujtjPj2qWUQkdgcaw9jjxHq69OIG3iv91BsJcuflQidRyxtrDcgS_B0WZoEYSirvdA5JMTO_Uz66wgEVO3rGP4KplqN2DTE9YbyLg3ElCiID51PM66zGlPheJsg4Sp3GkznlDojKRL5zy9LRED9awyDJN0B&sai=AMfl-YQ2SWZAdY8wT42NwRqEBodSR4g0LjnC-w528mJL0CCos-dl9Zo47Fv8yuGRzT2fUeA841at1WV7g0X7Ry1vu_VSSy0kuhtNI3tj6btvdhKFtBNMgVBzb4JWJWp7&sig=Cg0ArKJSzLzlDXsRQomJEAE&cid=CAQSPAAvHhf_x_N2iLFiuFCVLvNTiuCDVikCSthhfsfMUn5OurvbJcT8OqshpVBkTkHq3nMkVed7D6wxUJrbHxgB&id=lidar2&mcvt=1130&p=263,1015,863,1315&mtos=1130,1130,1130,1130,1130&tos=1130,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1287942552&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704358592690&rpt=1347&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2A02 		42 B
109 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8XRmxU6s3gzrTi1Q-CMJiIrmTStuK9C5JaDS_-joHfdX-fQV2rVdBScFW9uvE5earL2xLerw8mf7g95aflMfx_-XZ9Y82K51I5Cy_RHfvLx0BQhTWKmgZ&sig=Cg0ArKJSzP06MKwZYaZKEAE&id=lidar2&mcvt=1132&p=4,1015,258,1315&mtos=0,1132,1132,1132,1132&tos=0,1132,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=4276375253&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704358592825&rpt=1179&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
hblg.media.net/ Frame 2772 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQDJjY2VhNWI5ODVmYWNmMDRiNzhlYWNjN2U3MTY0MGU5hp20oAaYBwRVUzRkdXBlcmItc2hvcC5uZ29udGluaDI0LmNvbRI4Q1VVOUpGOEgADDcyOHg5MA5lYXN0X3NjBDIzBkFEWBI4UFIxMTNKR0MOQklEX0FQSQAAAjBAcnRiLWFwcG5leHVzLTc3Y2I5YzQ4NTktc2JxdjkuU0M-MTcwMDA4MDgwNzY4MzMwMDcyODAwOTAwMDA1OTUwMAIwACIAEEVYQ0hBTkdFAgJk&evttyp=1
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 04 Jan 2024 08:56:35 GMT
container-4.0.html
resources.infolinks.com/static/ Frame 4EC6 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/container-4.0.html
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1914.009-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcf7cf073e4dc6e46a9cd1f03c6815816377f97a806f55d14651ff1efa0425e1

Request headers

Referer
https://duperb-shop.ngontinh24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3660
cache-control
max-age=2592000
cf-cache-status
HIT
cf-ray
840244e44afd5c64-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:35 GMT
expires
Sat, 03 Feb 2024 07:55:35 GMT
last-modified
Mon, 18 Dec 2023 15:25:02 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 google
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AEAA 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
68990
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 13:46:45 GMT
etag
48472445140208031
expires
Thu, 04 Jan 2024 13:46:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9FC8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a378f017fb2827af8bcdb3b62bc44f312c23fa4184101471e47e264c793f7dd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
AGSKWxVOGsQpA4Ae_3Qbv_jRWDzfV_hw4pXf0c9H5tZ3E7Q5xYzBKJceoK1EspcO8IRykfsPwzGDEuLWBZXK6tuZPhIlOReBQkRu0TF72AUqkTABGDn1LB6uTMhV77L9EpHKKQqmKCz1aA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVOGsQpA4Ae_3Qbv_jRWDzfV_hw4pXf0c9H5tZ3E7Q5xYzBKJceoK1EspcO8IRykfsPwzGDEuLWBZXK6tuZPhIlOReBQkRu0TF72AUqkTABGDn1LB6uTMhV77L9EpHKKQqmKCz1aA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MzU4NTk1LDI2ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9kdXBlcmItc2hvcC5uZ29udGluaDI0LmNvbS8iLG51bGwsW1s4LCJmWHdkUzhOaUlabyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxOCwiW1tbMF1dXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/am=wA/d=1/rs=AJlcJMyiHPCAyLFmNsmEoAFl7FGwL5Wu8Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
81e90a605d58cde98f62a9c1a956462b690766424683e9011d59720f6d6cb366
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ktv0ltxIurEsp2i4YHLgcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ktv0ltxIurEsp2i4YHLgcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cs5eswHKWZea0F73SjvQPvqCBwAft8s2SdbrlrZqYEoKah5-iDhABINjV2CtgyYaAgNyjxBCgAYvliMUDyAEJ4AIAqAMByANIqgSVAk_QqGUBiq41WCxHnSqqEISQk9n3QGS8tsQFG2rfxW5w1aW0U9FvibrJTPQwQrEj29ge40g1rUNQiGn1Oqm47J-GPjphqYI-cbiaYon3-t0ETLMlxFOyD06Tx-XSgt7xESUyW58JQXnq8QMzij6eqFbtdy6qKIdZx2P3WjMx6is-UtiP-pxY8kM6esM36l3QfhUgrMlbvQhHyxRulJICX2u-IScs0V0icBECSXoQYzpmCjJILhY5W03PXcwjqM8yQDKvGpOquPFdnZrMEQ3juGaHA4i8RfrWJ7rXrjDjic1uwFcbYqO5T116Mp1n8YMy7VTiM35jlWeEncg4RQdQ9kaFSUvZbBKIG5zbBG4YA8WT_UbOqO3ABPyoobzfAeAEAYgF8aeYtAOgBi6AB92a9zqoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBC16QfSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WLDE3sOuw4MDmglPaHR0cHM6Ly93d3cubWlhbWlkYWRlLmdvdi9nbG9iYWwvbmV3cy1pdGVtLnBhZ2U_TWR1aWRfbmV3cz1uZXdzMTY5MjAxNjIwNjcxMTUzNIAKA8gLAdoMEQoLEJC5zZeCpoa6rAESAgED4g0TCL3u3sOuw4MDFT2pgwgdPlAAeNgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi05NTE3MTg1MTA2MjgzNjgyGJjbEA&sigh=zqBY5fyNdog&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_UJzxIb7iA7nrkSeJ0mgkElYac-0oKYYpi0OZJhucTcLTRUPNMVfuVGiJ2_4bwPnMWlDNbRX4OxgB&template_id=419&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame B803
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=Cs5eswHKWZea0F73SjvQPvqCBwAft8s2SdbrlrZqYEoKah5-iDhABINjV2CtgyYaAgNyjxBCgAYvliMUDyAEJ4AIAqAMByANIqgSVAk_QqGUBiq41WCxHnSqqEISQk9n3QGS8tsQFG2rf...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4eb282a4bea46a430000000000000000%22,%222%22:%220x8188763280b65c0d0000000000000000%22,%223%22:%220x57a715...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4eb282a4bea46a430000000000000000%22,%222%22:%220x8188763280b65c0d0000000000000000%22,%223%22:%220x57a71576560c42330000000000000000%22,%224%22:%220x47465ee25d7fbc5a0000000000000000%22,%225%22:%220x7d798568ccb896ee0000000000000000%22},%22debug_key%22:%2212915839673057447507%22,%22debug_reporting%22:true,%22destination%22:%22https://miamidade.gov%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22950153867%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214449335318488123057%22}&andc=true
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x4eb282a4bea46a430000000000000000","2":"0x8188763280b65c0d0000000000000000","3":"0x57a71576560c42330000000000000000","4":"0x47465ee25d7fbc5a0000000000000000","5":"0x7d798568ccb896ee0000000000000000"},"debug_key":"12915839673057447507","debug_reporting":true,"destination":"https://miamidade.gov","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["950153867"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"14449335318488123057"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 04 Jan 2024 08:56:35 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x4eb282a4bea46a430000000000000000","2":"0x8188763280b65c0d0000000000000000","3":"0x57a71576560c42330000000000000000","4":"0x47465ee25d7fbc5a0000000000000000","5":"0x7d798568ccb896ee0000000000000000"},"debug_key":"12915839673057447507","debug_reporting":true,"destination":"https://miamidade.gov","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["950153867"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"14449335318488123057"}&andc=true
access-control-allow-origin
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 72DB 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 16:40:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
58539
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 04 Jan 2024 16:40:56 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 72DB 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 12:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
73109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 04 Jan 2024 12:38:06 GMT
516d85f1a3fc778d26bcf79692ddf242.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/ Frame 72DB 		136 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/516d85f1a3fc778d26bcf79692ddf242.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f7e50bd764fa1ec6652bc51c7e64a5ed5afb52a6b41d7b95704e593ab423f58
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jan 2024 05:00:47 GMT
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39879
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
/
www.googleadservices.com/pagead/ar-adview/ Frame 4D44
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CvPZXv3KWZa_SG-O7oPMP76KRoAfn0qb2dNaJv97-EbCQHxABII3V3iRgyYaAgNyjxBCgAffim7QoyAECqAMByAPJBKoE3wFP0A4O6KbfIemDuBo_2jTFoi3QxsFZZ-3X_cXbNoS7bE3sGjJ...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x88bda9d5f88dda8b0000000000000000%22,%222%22:%220x423cbe006ac2c4a0000000000000000%22,%223%22:%220xbd10b0b...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x88bda9d5f88dda8b0000000000000000%22,%222%22:%220x423cbe006ac2c4a0000000000000000%22,%223%22:%220xbd10b0b582b87890000000000000000%22,%224%22:%220xce78b6ec0c64cf0a0000000000000000%22,%225%22:%220xe08f966ee3927f020000000000000000%22},%22debug_key%22:%2211538322674021617687%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221330797567572316177%22}&andc=true
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x88bda9d5f88dda8b0000000000000000","2":"0x423cbe006ac2c4a0000000000000000","3":"0xbd10b0b582b87890000000000000000","4":"0xce78b6ec0c64cf0a0000000000000000","5":"0xe08f966ee3927f020000000000000000"},"debug_key":"11538322674021617687","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"1330797567572316177"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 04 Jan 2024 08:56:35 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x88bda9d5f88dda8b0000000000000000","2":"0x423cbe006ac2c4a0000000000000000","3":"0xbd10b0b582b87890000000000000000","4":"0xce78b6ec0c64cf0a0000000000000000","5":"0xe08f966ee3927f020000000000000000"},"debug_key":"11538322674021617687","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"1330797567572316177"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
register2.php
synchrobox.adswizz.com/ Frame FC08 		589 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.131.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-131-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ad7bab07660ebf9a94314aefb3324dfaf6626e01534b1a966e48eb9d95ff7f06

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame FC08 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-76.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 14:33:18 GMT
via
1.1 144825e0e5f4523d1f7ce8c9b62cd908.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
66706
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
KGMIPc4bQj7iJWA3ItEbpFxurCKEa37WkB2F0OqwmyMmeaP65Eg6DA==
c
gtrace.mediago.io/ju/log/ Frame D4B8 		0
40 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gtrace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=04c2a8ced62f97e287b6c2780da42533&mguid=&apiV=1&app=vimpLog&ext={%22name%22:%22REAL_VIMP%22,%22vimp_elapsed_time%22:2743,%22time%22:1704358595396,%22intersectCount%22:1,%22intersectErrCount%22:0}
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=utf-8
ic
trace.mediago.io/ju/ Frame D4B8 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=04c2a8ced62f97e287b6c2780da42533&acid=781&data=2c7lEowGl7DKMSlJQ-83OPZ2GOL_EzUvh2QGR-e9B0fmDjpRH-qHqvXyJnktY92tjQXLwi6BGHmaj0c5Y6OvNgAetyN2AvkkMMdDTmTuJD1e7rx2omFkRM1Aksw-TE8C8_4FPVXPi2M-TPFEvzsR5IAwWrZc60NkDbJOqL8aC7c2i31OdS0RJVDcVd2Uoel69Q9HuSlcE7hh7hSfVhH71w1jZnGf39a1i-MUdqC420kbkK46gfYM5QT_HbptnyDqtfomKpp8wZUXyIOAVNkEcrLPVpMRdo_KmBrpDrJhy5SKfK-olNRP9LxKNeSJ2DJafRE3lnIILzX53p1UtprxiXSzHP-_OFrdvyBBaKKZkizpmd1Zo0sA4xnmT0duspfofW956ZEnktZUHDM7-kL7cnI9G8KM16q8Jz3bNPPStsJnInWYhmuAcQzvQQQe50HnTpxG20TesXEID1fl8YkWqTvNcjnSN_frHvvNHCkO2xSM9fDcQAIocVHWBXtrI-oJSrh6gJ2hgLkCmboCZ2b7dcrfJ8l22xfb9FVN0c-QXeUv-5BcfX0K6R0rSTri7kT30UbDDeEWrh8RdgNYbeOdAYYPezGB6qfw__YvFUR0JmtqDb98rqx4WcWi5N_-eGPtIcDrI1JY-Q6yBkfH5T-pXn1ma1SPr9lLl5adck9n8UYB_EjjEMezs0sCxJmrb3QJwSD24yPp5E69Js8C9rSQ_080gnGMkzZO_pP-XTNchzUgXQ3RSzItbKPqoyOI5dg89oopBZ1I0quNpvEf0D5CIr8YPKc1mIemM1PpsWpxndmoTpdgjijZpnoT2flHwiAGkXATuqRUL3Guj_vSSh7TIxWTarDb55VgjZFVjSg2SyfBNujBm7eciIdJlLcuFTioTsw_vKQYoRDnjEx5j885lhmLaQfjAzIFAu-P6QH77dEGFphd-Ry02gevYwiX1agkUsSY6KW2ElT9WHnR10kE5P3U4oK6rSGxXUFT6oIz1KsCzIAg5EUzpsQRpzZpHL775VI0uGso63ugNCjMo4jpKtAea9MM1EpJztVSuuDNtO111_VA5zY_99UphGzrCBHYb21FbXVms2uVPf56o6OgMb6o6Ehk72CUd4-TJY3RGN12-6KTlPYjfwsjbHeWHzrFRKuhv_qb4ZqG_VXnDBTr1WtFA13Jnv-tbvzRdjrgcH2rDXIx9_M5CpLjs3d0FRhL8QLBnJYo50rvVvLq0woB5ysS5EAl2d136rvlPh9U0xApZl15jlZ8Mep7jKceUmNVvFs3QUZoItkFvM1f9SS2jK7vcZS4YPH2rncyQ9P8yTwJEfnUWEpYrUseJw1Z6_aD0cy22Z-5pgJkOajsfRwHl3rB9SernFdkuTOmB1sdIfT4iwFgzp27EDJMzzvStIChrXZc6bYwKkzSTAhZzC3ESQ&uid=CAESEMgMsYMEH90MpfdGUfAXKU0&mguid=&ap={AUCTION_PRICE}&tid=3
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
log
hblg.media.net/ Frame 2A02 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQDViYWNmYzYxNTQ3MzlmNDJiODA1NjUxNTcxM2JmOTcxhp20oAaYBwRVUzRkdXBlcmItc2hvcC5uZ29udGluaDI0LmNvbRI4Q1VVOUpGOEgADjMwMHgyNTAOZWFzdF9zYwQyMwZBRFgSOFBSMTEzSkdDDkJJRF9BUEkAAAIwQHJ0Yi1hcHBuZXh1cy03N2NiOWM0ODU5LWx4c2dqLlNDPjE3MDAwODA4MDc2ODMzMDAzMDAwMjUwMDAwNTk1MDACMAAiABBFWENIQU5HRQICZA&evttyp=1
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 04 Jan 2024 08:56:35 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 7A97
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CPJ7kv3KWZce2GsHPoPMPmvCOaOfSpvZ01om_3v4RsJAfEAEgjdXeJGDJhoCA3KPEEKAB9-KbtCjIAQKoAwHIA8kEqgTfAU_QUUfmFL7IR9kkcxorlFfSLD0h2qBefLo38A-swOCjPFOOn3J...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x88bda9d5f88dda8b0000000000000000%22,%222%22:%220x423cbe006ac2c4a0000000000000000%22,%223%22:%220xbd10b0b...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x88bda9d5f88dda8b0000000000000000%22,%222%22:%220x423cbe006ac2c4a0000000000000000%22,%223%22:%220xbd10b0b582b87890000000000000000%22,%224%22:%220xce78b6ec0c64cf0a0000000000000000%22,%225%22:%220xe08f966ee3927f020000000000000000%22},%22debug_key%22:%2213831010329402346234%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229936389462637891793%22}&andc=true
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x88bda9d5f88dda8b0000000000000000","2":"0x423cbe006ac2c4a0000000000000000","3":"0xbd10b0b582b87890000000000000000","4":"0xce78b6ec0c64cf0a0000000000000000","5":"0xe08f966ee3927f020000000000000000"},"debug_key":"13831010329402346234","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"9936389462637891793"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 04 Jan 2024 08:56:35 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x88bda9d5f88dda8b0000000000000000","2":"0x423cbe006ac2c4a0000000000000000","3":"0xbd10b0b582b87890000000000000000","4":"0xce78b6ec0c64cf0a0000000000000000","5":"0xe08f966ee3927f020000000000000000"},"debug_key":"13831010329402346234","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"9936389462637891793"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cookie
sync.cootlogix.com/api/ Frame 7778
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26userId%3D%5BUID%5D
  • https://sync.cootlogix.com/api/cookie?partnerId=sonobi&gdpr=0&gdpr_consent=&us_privacy=1---&userId=6e6e8eff-b5f9-4db9-b257-c5768bc40410
43 B
899 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=sonobi&gdpr=0&gdpr_consent=&us_privacy=1---&userId=6e6e8eff-b5f9-4db9-b257-c5768bc40410
Requested by
Host: sync.cootlogix.com
URL: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
67.205.191.172 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-55
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.cootlogix.com/api/cookie?partnerId=sonobi&gdpr=0&gdpr_consent=&us_privacy=1---&userId=6e6e8eff-b5f9-4db9-b257-c5768bc40410
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
d5435a29cdf293e25ee24dd79b71c38e.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/d5435a29cdf293e25ee24dd79b71c38e.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d47b225460565712cf74d7e590e038e05f03a098fccc984a08f482f36db4ed93
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50759
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
3b777b46c08e1ec65493c2ca556183d4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		113 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/3b777b46c08e1ec65493c2ca556183d4.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eafafb205ec50b963795ef19e4690f90c5941c2605d5d31bd4e22b0dbf27170e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
51201b723fe45875025463d96f0fc0dd.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/51201b723fe45875025463d96f0fc0dd.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
844a3c40ac0aae8539c5737af087eeb540522ca5903162f795bdfbf3e2fdb042
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5080
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
66537b12b083a80229751694740f3042.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		111 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/66537b12b083a80229751694740f3042.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7237e3abae7da99ef56185f7b2dcf53781a6e9f677ab202c221260fd3b1851f2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
8e779e187904eb5b175e6ce9d88191db.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		112 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/8e779e187904eb5b175e6ce9d88191db.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56243d82f53e3fdd390332f9a8e02c75dce0eb5351ced4bcb363f8d533b0ce0b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
ab5af3a97e63334dcc2843b37c751591.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		107 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ab5af3a97e63334dcc2843b37c751591.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40d90847b61a8a221f1698cb40a76a5fe9b81899da34ceee38053a950a5c56c5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
fa0f05aaef85b7cab633dc20f05da0f3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/fa0f05aaef85b7cab633dc20f05da0f3.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa91ed7d8104858b34338a4e403c48d99e5c18042377e69c49d30a42d8e20dbf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1495
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
3d5d43b9412abe5172dca8ed55ea8d6a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 54DF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/3d5d43b9412abe5172dca8ed55ea8d6a.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0b12b6f6d70be1490bd520cd667924b0143655328476caa644be9f97ec49dd5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3533
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 9BBB 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 00:31:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
116728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 00:31:07 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 0777
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CAfbCv3KWZe_HGYbLoPMPx5KaoA6em_r2dMXm7bakEpeWjN_aDxABII3V3iRgyYaAgNyjxBCgAZup4LkDyAECqAMByAPJBKoE3wFP0BwNn4A1QiZUn5zXgCnZWo1QzyXHstTxuIelwBQl2hU...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2d4fb2d177ea12dd0000000000000000%22,%222%22:%220x4241a4ab9dd5b8c60000000000000000%22,%223%22:%220xcdb643...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2d4fb2d177ea12dd0000000000000000%22,%222%22:%220x4241a4ab9dd5b8c60000000000000000%22,%223%22:%220xcdb6433e56e3d7890000000000000000%22,%224%22:%220x96cfb8a380295a1b0000000000000000%22,%225%22:%220xf6ceb574acadaf8e0000000000000000%22},%22debug_key%22:%226272100905726722113%22,%22debug_reporting%22:true,%22destination%22:%22https://amazon.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22926422171%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221428898484055820689%22}&andc=true
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x2d4fb2d177ea12dd0000000000000000","2":"0x4241a4ab9dd5b8c60000000000000000","3":"0xcdb6433e56e3d7890000000000000000","4":"0x96cfb8a380295a1b0000000000000000","5":"0xf6ceb574acadaf8e0000000000000000"},"debug_key":"6272100905726722113","debug_reporting":true,"destination":"https://amazon.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["926422171"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"1428898484055820689"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 04 Jan 2024 08:56:35 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x2d4fb2d177ea12dd0000000000000000","2":"0x4241a4ab9dd5b8c60000000000000000","3":"0xcdb6433e56e3d7890000000000000000","4":"0x96cfb8a380295a1b0000000000000000","5":"0xf6ceb574acadaf8e0000000000000000"},"debug_key":"6272100905726722113","debug_reporting":true,"destination":"https://amazon.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["926422171"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"1428898484055820689"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame F176
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 08:56:35 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 04 Jan 2024 08:56:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
server
AkamaiGHost
CookieSync.html
csync.smartadserver.com/rtb/csync/ Frame BFC7 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:6b::17db:9a12 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Thu, 04 Jan 2024 08:56:35 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524912.090457"
Last-Modified
Tue, 22 Feb 2022 09:59:55 GMT
Server
AkamaiNetStorage
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BE66 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.120.208 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-120-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=130866
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 04 Jan 2024 08:56:35 GMT
expires
Fri, 05 Jan 2024 21:17:41 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 96BA
Redirect Chain
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704358595480&pubconsent=&euconsent=&hasConsent=1
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704358595480&pubconsent=&euconsent=&hasConsent=1&rd=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704358595480&pubconsent=&euconsent=&hasConsent=1&rd=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
493e76e5b1fb957bc28c110c25bd9ba8374d731001ed6a60cc7a029056fc5fd7

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:54:58 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.5

Redirect headers

content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:54:58 GMT
location
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704358595480&pubconsent=&euconsent=&hasConsent=1&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.5
/
ssc-cms.33across.com/ps/ Frame BAAF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP018 /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
server
33XP018
x-33x-status
2000208
isync
visitor.omnitagjs.com/visitor/ Frame DA65 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
54f77c61156839bf898f1f84b8a3282b65dcb4b9627887218b43fccd523faff1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1601
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:35 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
x-kong-upstream-latency
6
/
onetag-sys.com/usync/ Frame EDA6 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75601b04186d260
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sharethrough
s.seedtag.com/cs/cookiesync/ Frame D126
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=d47d5a5d-7b3c-413f-a3f9-885860ad57ae&gdpr=0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=d47d5a5d-7b3c-413f-a3f9-885860ad57ae&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 04 Jan 2024 08:56:35 GMT
server
openresty
via
1.1 google

Redirect headers

content-length
0
date
Thu, 04 Jan 2024 08:56:35 GMT
location
https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=d47d5a5d-7b3c-413f-a3f9-885860ad57ae&gdpr=0
pulsepoint
s.seedtag.com/cs/cookiesync/ Frame 482D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562983&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpulsepoint%3Fchanneluid%3D%25%25VGUID%25%25
  • https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=pGp0OXObzqUD&ev=1&us_privacy=1---&pid=562983
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=pGp0OXObzqUD&ev=1&us_privacy=1---&pid=562983
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 04 Jan 2024 08:56:35 GMT
server
openresty
via
1.1 google

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-5b8764964b-gskrr
expires
-1
location
https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=pGp0OXObzqUD&ev=1&us_privacy=1---&pid=562983
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
s
s.seedtag.com/cs/st/ Frame 35E5 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/st/s
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
appnexus
s.seedtag.com/cs/cookiesync/ Frame 35E5
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=636979850693708765
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=636979850693708765
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
an-x-request-uuid
3443fa00-5857-4bc0-b690-018ebc4439f1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=636979850693708765
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
smart
s.seedtag.com/cs/cookiesync/ Frame 35E5
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=1---&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=1---&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=3011296250024499263
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/smart?channeluid=3011296250024499263
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/smart?channeluid=3011296250024499263
date
Thu, 04 Jan 2024 08:56:34 GMT
content-length
0
outbrain
s.seedtag.com/cs/cookiesync/ Frame 35E5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=oaPM0sJO2eiGBZGXbFb6&gdpr=0&us_privacy=1---
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=oaPM0sJO2eiGBZGXbFb6&gdpr=0&us_privacy=1---
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:35 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=oaPM0sJO2eiGBZGXbFb6&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
130
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ttd
s.seedtag.com/cs/cookiesync/ Frame 35E5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
date
Thu, 04 Jan 2024 08:56:35 GMT
server
Kestrel
content-length
205
Bidswitch
s.seedtag.com/cs/cookiesync/ Frame 35E5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cm.mgid.com/m?cdsp=146480&gdpr=0&gdpr_consent=&us_privacy=1---&adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dseedtag%26user_id%3D%7Bmuidn%7D%26bsw_param%3D97c6f5a2-cd54-43...
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D303%26ssp%3Dseedtag%26user_id%3D%7Bmuidn%7D%26bsw_param%3D97c6f5a2-cd54-4303-8f86-b973f7a4e46c%26expires%3D10%26gdpr%3D0%26...
  • https://x.bidswitch.net/sync?dsp_id=303&ssp=seedtag&user_id=o04z1rxEQCU0&bsw_param=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&expires=10&gdpr=0&gdpr_consent=
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Location
//s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=
Date
Thu, 04 Jan 2024 08:56:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
richaudience
s.seedtag.com/cs/cookiesync/ Frame 35E5
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D&rd=1
  • https://s.seedtag.com/cs/cookiesync/richaudience?channeluid=661a61ac-6bee-4892-8121-1zz1704358498
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/richaudience?channeluid=661a61ac-6bee-4892-8121-1zz1704358498
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/richaudience?channeluid=661a61ac-6bee-4892-8121-1zz1704358498
date
Thu, 04 Jan 2024 08:54:58 GMT
content-type
text/html; charset=UTF-8
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server_match
ad.360yield.com/ Frame 35E5 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.218.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-218-249.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 04 Jan 2024 08:56:35 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
indexexchange
s.seedtag.com/cs/cookiesync/ Frame 35E5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZZZywtRGY3i0IrndgkdX3AAA%262945
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZZZywtRGY3i0IrndgkdX3AAA%262945
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ki8q1hg1Y%2F%2FOzbNsfYB6T2hYStmR24xhlErUnNvj1oUqXXBAQ3SQdBamg4fSv3pYpxfmtZFr1tgukOQmuEQwq6IZ5uBgUZ74INnG82Ygj%2B1X8164Rol5M7ObjaXbTRyVbk8BmbkckmT2LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZZZywtRGY3i0IrndgkdX3AAA%262945
cache-control
no-cache
cf-ray
840244e5fcbf9acc-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
verizon
s.seedtag.com/cs/cookiesync/ Frame 35E5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58427/occ
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-JP.Vh.lE2uGvl0.zsOpjSoqbNwgMv_V7rU6qGgA-~A
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-JP.Vh.lE2uGvl0.zsOpjSoqbNwgMv_V7rU6qGgA-~A
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-JP.Vh.lE2uGvl0.zsOpjSoqbNwgMv_V7rU6qGgA-~A
date
Thu, 04 Jan 2024 08:56:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
adform
s.seedtag.com/cs/cookiesync/ Frame 35E5
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/adform?channeluid=3718888275283899047
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/adform?channeluid=3718888275283899047
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/adform?channeluid=3718888275283899047
date
Thu, 04 Jan 2024 08:56:36 GMT
server
nginx
content-length
0
content-type
text/plain
sovrn
s.seedtag.com/cs/cookiesync/ Frame 35E5
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=H7yYaLZHttzIvJpmTweNNASm
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=H7yYaLZHttzIvJpmTweNNASm
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Date
Thu, 04 Jan 2024 08:56:35 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=H7yYaLZHttzIvJpmTweNNASm
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
openx
s.seedtag.com/cs/cookiesync/ Frame 35E5
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e297ef35-c932-4587-9b44-3838020a33e7&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fopenx%3Fchanneluid%3D%7BOPENX_ID%7D
  • https://s.seedtag.com/cs/cookiesync/openx?channeluid=9b77700b-462c-4cab-8c2d-327063743480
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/openx?channeluid=9b77700b-462c-4cab-8c2d-327063743480
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://s.seedtag.com/cs/cookiesync/openx?channeluid=9b77700b-462c-4cab-8c2d-327063743480
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
yeahmobi
s.seedtag.com/cs/cookiesync/ Frame 35E5
Redirect Chain
  • https://event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid=
  • https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mkc77c4c75bd6243e4b341723856fa140d
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mkc77c4c75bd6243e4b341723856fa140d
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mkc77c4c75bd6243e4b341723856fa140d
date
Thu, 04 Jan 2024 08:56:35 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
rtbhouse
s.seedtag.com/cs/cookiesync/ Frame 35E5
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=seedtag
  • https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=gVXHfCgGgQqeNbFHmIzn3tA36R2nBpmyXgt9ywnHj5g&pi=seedtag
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=gVXHfCgGgQqeNbFHmIzn3tA36R2nBpmyXgt9ywnHj5g&pi=seedtag
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=gVXHfCgGgQqeNbFHmIzn3tA36R2nBpmyXgt9ywnHj5g&pi=seedtag
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT, Thu, 04 Jan 2024 08:56:35 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
opera
s.seedtag.com/cs/cookiesync/ Frame 35E5
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9283744565120
  • https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU88a2c345cef749f9ad89dcd7e5d07206
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU88a2c345cef749f9ad89dcd7e5d07206
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU88a2c345cef749f9ad89dcd7e5d07206
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
111
expires
Mon, 01 Jan 1990 00:00:00 GMT
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame FF86 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=533972128&adf=1497754791&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591008&bpp=1&bdt=662&idt=393&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C771x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 00:31:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
116728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 00:31:07 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B44D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.120.208 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-120-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=130866
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 04 Jan 2024 08:56:35 GMT
expires
Fri, 05 Jan 2024 21:17:41 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame F76C 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
rid
match.adsrvr.org/track/ Frame FC08 		109 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
4225e2de241af44fcef2f1bcd0c54225c60e2e172f68aea47959cac93dad5f55

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 03 Feb 2024 08:56:35 GMT
usersync
x.serverbid.com/ Frame FC08
Redirect Chain
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=ba8cb3b4-4c4a-4670-8cab-e43f5583917f
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=ba8cb3b4-4c4a-4670-8cab-e43f5583917f
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:35 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=ba8cb3b4-4c4a-4670-8cab-e43f5583917f
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
usersync
x.serverbid.com/ Frame FC08
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=H7yYaLZHttzIvJpmTweNNASm
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=H7yYaLZHttzIvJpmTweNNASm
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Thu, 04 Jan 2024 08:56:35 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=H7yYaLZHttzIvJpmTweNNASm
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usersync
x.serverbid.com/ Frame FC08
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=pGp0OXObzqUD&ev=1&pid=562763
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=pGp0OXObzqUD&ev=1&pid=562763
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=pGp0OXObzqUD&ev=1&pid=562763
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-gskrr
expires
-1
usersync
x.serverbid.com/ Frame FC08
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%...
  • https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZZZywtRGY3i0IrndgkdX3AAA%262945
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZZZywtRGY3i0IrndgkdX3AAA%262945
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sl4A9zBVdpUHttDUIiPs%2BJmW5zCY0ElJFfu%2BTwqSzZ8wTnZXZIgLkYBUBUwbKT3qYf6AEETHvDkuk0PXUja3OppqiGqsN0SzoCP1ebyUhVQDh9LY8p6VDD8poaBUC7tox7MJk9kNFAheBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZZZywtRGY3i0IrndgkdX3AAA%262945
cache-control
no-cache
cf-ray
840244e60cce9acc-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
usersync
x.serverbid.com/ Frame FC08
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=636979850693708765
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=636979850693708765
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
an-x-request-uuid
3aecf096-0294-47fc-8f2d-2f4a83aa38ed
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=636979850693708765
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
x.serverbid.com/ Frame FC08
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F34361%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%...
  • https://prebid.a-mo.net/cchain/0/34361?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=7104abb1-a97a-4605-b391-df0f51751199&bidder=appnexus&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc...
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=7104abb1-a97a-4605-b391-df0f51751199
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=7104abb1-a97a-4605-b391-df0f51751199
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=7104abb1-a97a-4605-b391-df0f51751199
date
Thu, 04 Jan 2024 08:56:34 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usersync
x.serverbid.com/ Frame FC08
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=6e6e8eff-b5f9-4db9-b257-c5768bc40410
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=6e6e8eff-b5f9-4db9-b257-c5768bc40410
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-55
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=6e6e8eff-b5f9-4db9-b257-c5768bc40410
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
usersync
x.serverbid.com/ Frame FC08
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6985%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=VEcF888LLF8ncRyQhGBf&gdpr=&gdpr_consent=&us_privacy=
35 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=VEcF888LLF8ncRyQhGBf&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=VEcF888LLF8ncRyQhGBf&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
285 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
dffbbed6afd4d01f679cc5017540d74e039b87c7c5d5dcc1529a22a8e3f78c3e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame B803 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuva_PpJqGXbR7gyKOlLJiTdnQAGAPfwq9l_b9Ydib_zh_9FucAi8e66qdxbZWRgGUxCdy9ugzJxhv4Kjh4MiRrV8AUYQ9MBAya8ZEQyp3zWcI8dOJsajN2-UphNU5SRt0RFHvYogqclRw5QK1eYz0HzvYdQg-klVlW3v-ndFV5qbTveevu7jplvPvqe76l2PXSqFkFwrwDFYex_4iaj8JJOOO27v1--wUIYKr3gqeoA34-YbiM3f56gN3-5jMnKiIl9rPkvO9tAYAZXqIYRAX1G8S60csWDpMdbbwtPWeqmU11d8-4TLnjV1CGznRIpNU0QXTpuDJZtgRpqpfwmmGlTr8F5DcTfXus9qWGE_fahyr5SotlmjF9p6pvxsLUenot6jdb4OW0g2iDmNh4cj8tOkBB98hEULbd7CsmadYGgOQUi27hogR8VjMd2nIcmZGGhzzWsk1Evl7vLCQWxdwnxXprvgULzrhbs8Brulb_iRSyeLzISKIavqxpi1TPNLKJydzIb0BsQSDj6JfHMpMEop6QOCYRozQokce4nRHzv0snB7kUwCPBW3KsK9y95it0TJLW8vUzYIUYJyBBpGyacG5RE1_qFcTU0VSW2SiHp2dwAcotTCp0hWDY-6iucimkTvhpOf08npBST-QSiH3kk0x_KU4K0LFYfTEANZTzVK520cCpeNPR4zLvd1UrL2f3IfkvjAwmzaT_XeiUFWMZ9vDDlWWi9Yr_8gE5kUo-fBLnFQNhtxkTvqFCu5GH1kG7o3By77qyD__ZCbrhwjVN-WWAVyLB6hSOfvhWRgL7FA9FPKoSgr-1tninBU6TzgQrgoFUA_bWoyAF9uSlYOZReUsYLRX4hG_mpszhxibdK6lk8AmJmNfoLbQCS8X_rgKuEjN3WQR6FKED2tpP2n9SW72S7JkzahaqxpJ59SbnoX-SsDDzZ4GXZ9IHB86XlTTsT_SfNxjt69ENEJgjeyzSD0NHLxIN2NSHArY1d96EA3_3U0zQAG4sbrEPqF9trs-CA3jgQJmceI1frtcvatKDOtxbSuQui5-Oqmq96Qf6deD6kjxu0boBhz5BTSFq7E0vin9GLMwQCOIVkeAaOR6zUzOd3Ct4zh0BV4PBLG4OYESt5xvheR1ignriAdwnU60D2dTz7GWnKzhVIeAwqNVcM8DB49gDeR6uer5LBzM9p9Qhr7lW2PMGw0D8ICGgDtDJStLcwbZNkw9fGZOVSSw4byfWh45LQhHzPC7by6W4-2F5OAVoYqalDCIJCmNMKArDpNlJEYtaFE0_Vuzk2yq6jG40z1InDjaWvTQfhu5sn0TCL_2zwqv_SGG1MVkLTpY13zFg6trqmc7gUoo&sai=AMfl-YQxF94-X4iP2BZ8HoOgmqwT9v4oNKwuA6ebenVCy4t26ltPqwzXI2ybIPuWlLKs0tyGFlMIQKbnoxhmtiZzZooZj3QniHxEJTu1y3iuCBwmDhgUilIEUFzn86Ca3zUA9kGGDyGhc9tJmQ&sig=Cg0ArKJSzCJmCHiTBGW8EAE&cid=CAQSPAAvHhf_UJzxIb7iA7nrkSeJ0mgkElYac-0oKYYpi0OZJhucTcLTRUPNMVfuVGiJ2_4bwPnMWlDNbRX4OxgB&id=lidar2&mcvt=1101&p=0,436,90,1164&mtos=1101,1101,1101,1101,1101&tos=1101,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1479370235&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704358592969&rpt=1403&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
in_place.js
resources.infolinks.com/js/1914.009-3.034/ 		35 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1914.009-3.034/in_place.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1914.009-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ea62c199514d68eed527ea54f5297b51d299636f30e91bc13606309488697ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 17 Dec 2023 18:05:02 GMT
server
cloudflare
age
3465
etag
W/"8c81-60cb878e582c1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
840244e60c895c64-MIA
expires
Sat, 03 Feb 2024 07:58:50 GMT
usync.html
eus.rubiconproject.com/ Frame 96D6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 08:56:35 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 04 Jan 2024 08:56:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EF4E
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704358595193.6&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.120.208 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-120-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=130866
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 04 Jan 2024 08:56:35 GMT
expires
Fri, 05 Jan 2024 21:17:41 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 04 Jan 2024 08:56:34 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP008
x-33x-status
40000000008200000A
/
ssc-cms.33across.com/ps/ Frame 52EE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4a708add-0e53-4734-a44e-5c66e044d0b5&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=97c6f5a2-cd54-4303-8f86-b973f7a4e46c
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=97c6f5a2-cd54-4303-8f86-b973f7a4e46c
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP017 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Thu, 04 Jan 2024 08:56:34 GMT
server
33XP017

Redirect headers

Location
//ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=97c6f5a2-cd54-4303-8f86-b973f7a4e46c
Date
Thu, 04 Jan 2024 08:56:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
ssc-cms.33across.com/ps/ Frame 52EE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-SIIVgllE2uGjpi8G.pNW4Z.Adup1m_28~A
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-SIIVgllE2uGjpi8G.pNW4Z.Adup1m_28~A
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP019 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Thu, 04 Jan 2024 08:56:35 GMT
server
33XP019

Redirect headers

location
https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-SIIVgllE2uGjpi8G.pNW4Z.Adup1m_28~A
date
Thu, 04 Jan 2024 08:56:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
events-ssc.33across.com/ Frame 52EE
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4e8f27a3fdfb05ee&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAB9JqETkMN5AMVnG6VAAAAAAA&expiration=1704444995&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB9JqETkMN5AMVnG6VAAAAAAA&ts=1704358595&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB9JqETkMN5AMVnG6VAAAAAAA&ts=1704358595&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB9JqETkMN5AMVnG6VAAAAAAA&ts=1704358595&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 52EE
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2470123173329690347838
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2470123173329690347838&ts=1704358595&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2470123173329690347838&ts=1704358595&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2470123173329690347838&ts=1704358595&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1F44 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSIQv0pW8ksABPf1EewAh8T8TNV3WCBCIYKp6vpDZ7GbHEAO0OI_LGXnsPbv8HRbdoBlrXUnjkIHKZIrzug3wG8gRmM2VNoasvTkZq2y_oYIm1ALD8bJ2QlBaJL-s0-WIc9G4-iAE4dlTMiJWfDG6Me_YsslXBv3vLCcHtCLnaAOA6dSR0yACguAgomOmLBXPDUmCRDqf7LTb9HXR9vJ897lGcxuwfujpOEg7EdLuQbTi_YLVkbYpJxl8sEjmWSMneDyy7u2wdHoYLusXCrEeOO1L21Pkmk9fLGd-Yc6sSp_5XFQnC2vKYHtslhLqmutYtLOsHBX5eiMVIDFVt6t2ZhVGGOC31Db50Dg7f9vViIW8xdzy8T0XEEuOPBGvS5B-v7lXRStRj2T1272Nb32XleM1FP47NIGw_bmjWXOApPYKYeJmKuMk-D6UYPcK7HCjCmhdpPCLvdx383ZR7Y4xlB93VHW7A5Otm51KFJ8YZMVpoO6Rrx8hyYuUn3Az_OUJpmrFZY2DJuURzmczn4IhD-BAPyDZv8LCJZ3h5EkjidcvaS06kDNluoAPWhReQKtoT7qh-KKVLWWxNTwZoGqYHuRS-4Brsn0xX_3qUEv0ctrBXVZiHJP5UK6jB2PAMnu-ORleFeOIYvwgN-A4F8VBXimn3ZbelH1glhW9iHg2tryQ3_XnTHz-Ch5CBor8eF2FneOLymXQ_MgznvUY-7H50F8IW649W6aJT8n2GVMP9zita4zLvrA4Z9gS_HB_HBwVEGaaUZ6wIoJwFcK-vYunREqKWMqC3W0aOYN6J4fHQ_jct6OfO3tTVs-DZbMCWW6Ma1zVCS6k5Yf4rEl12mpFrYZL8JthYhO4-4G9PzH32XvVcwFYWa60GVN0601AqFvMxbEp3qXETyaUO4mk6VEN2wZKnks4NpeOYTIa_7i4r2yRlflNHujY43Go65ib2-joWkUjO_FxMtch2VTcf1SC4JcWuI61leuMlsCFMg0AgbTnI9x-8LZCc_ngadt86BttkaSGPomtG2vyRzMsdr3pJ0mdTGKt-6pTLsOck20VDbfyb4crvEwfeCWQFnA7_m4_EKr27x-AT19OQR85DIGkMONyfMWjhGykxyyEwpvhWAnRVL0Bmg7q34Boce_Kz9z-83-V43L2aWtec_oOytO94wQ2UICZokCDS6Rx2Nx-qTfzIUEg0BOsbl3QrrBEoUEe7YxaBTUs_FZX06oi95kFf13Wgg1fSE5Wrj6D7_QCqBvltC-f4nP0Y3HiiEE37hNYBDjn7nPmTzGdvJKgdw5JQ-xCeXD3NHETIAwb8Eby-E3gYtcGdbfa-JySG9NhQaKYU8GbNooyDhpQoNjmKfU53PkQs9veyEdbDGl-ddIcd0_KcUyZiqTusyJvPlFrom3bxtWVfCiE-ByLRyBDijBxMdoiVStzh1uom4iYDRxMcnyCNuIMqhbb9W_YeBY1lLmCrGHTopbX0GIHXQnALb7EsP1wqdUtZ1KKdA9wJbRKSLwqzEGcDELVdndap-jX-QVRP46YUbQtOdpj4YGSDfdSBEtJnDkkn5rISOklKHIiJyb7b8aMdOo6Vzyo&sai=AMfl-YR4tGyQxWajPDI3FjzI7B8aWkEY0WJgwMbW9z0ouPeiDmOSR4usD2_xrvz2KYzFqxTya-iskUtFTO7fU-zDPqggxe68kJr5hUQVNDF5NJ_Dmc0JW6goW1CgEeWnevUsdT6TKhQp2thfsQ&sig=Cg0ArKJSzGYWmmO4v3MtEAE&cid=CAQSPAAvHhf_wmFtGdIPKn4g_BUU2Knb-dGENWFJTrzdQK8qKFAQnJdTdGZVRuKKLhoCA8I07MMRBTbUoIXa8BgB&id=ampim&o=8,430&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1133&mtos=0,0,1133,1133,1133&tos=0,0,1133,0,0&tfs=1776&tls=2909&g=100&h=100&tt=2909&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A3E0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZc-MvkaWcwP-_tRuKh813kUtA66WSe40886SYMX0dQfqHFqqIiSuvJRjihwLzqM1m-x88OB8TBK6BtCTwnnbr3FRHWwk762tO-AVZfWX3oNdmM_32oEQFsu2xIcBco_kNNFybn9v3SUtPth8tBCm_1KVMru5ZU2TjY9o4lxxUGvS-qtbSSTNwvJmj1tEKbBuD0G0n-hEGm8uUMKBX0I28adet8K2EbqdH4YwdE1m6wRR38vxZtIO0iHACwmWEfn7QCVjykqvH4XtSFtRGVY0WBPhJhQFc_zNmyfNMePmM6XxojmaG9uBcXlY0sjmK_AbG2eTKkBXJ-6SSJvMIFHO8dRUQ4PtKDLW9DQFc0OO_4Obzk6WVwCTXux-r-9tn4Ws-6miEbotxjWuXb1nf2PqUMahQJrnQ8iI7CDMCBKJgYioVMe5WdShvTnpooOcoG2cC9ppa7yLXiQedvDBgG1XAS3TImmHbUtpA8gCcu9tUVClTbGte349fldWRy0td5Mk_A3k8MUiBn_4qBz9ECwnGSRc9dIozxLZhIaN4QMSWb1xAqio45GFwQUyQLA94gFRPW4mADaHbt5PWBDTUT1oX__MVWStLFEcMOH9Ai8mj9F7WP5Ew4qAdOX7O04IFpX_clJlkwbF6E4PDgUAgNFdLhXo4mp-zsJYkwNspK5hxswHEuaxCFJLIdpU7PcRJSAdS_IdRUdvH1Vsfq0mdE3_vW5aK9cvuMdSk54AoaTxT8rWdIw-ol2gGo4UCCOVSxDwPGgNdC1WKJlZq29edQb7REQFPMNrHBf5c5DzKCt_4ttb_h3e5FXfGUruqFDo4QGvEZAWfEvXscDVL98Ud7Ns7ckwM-i8lYTkBhVgnHnbxw0xU0sDE0GLKkyzH9QaGEjRnBlMjDsot2_9XlZj3VfM76MNWr6U5NzasPxFkRBonvyuTpwYhF2RPjIKesSGj47GM0vUjRVtf4YhwOjwuGgN_sNkk3n47QrWhDrM67OIhKbzhMVvMpTluioE1tENrFCr5JftnJsnKX0aY_BClkOk1JPKH0y4qS9-kxh-kbhvR1a0DxRvs7lBtUfMe2G2wWx1FQwVAz6wHbdsYc49EA4jGdLh58uqk9mL6Z6qWfAO7l9dHLGFkIG6SK9_a4rzSQsg60E2JFRQVCZXxzY4qPfUsuyy1J1BVeMSyJdUGj5_dpSeKp4nWPPtq4meCJoT0D402EjljU6pT2xV4C-bkketmEU-Zp2evvpyy1oelLdGVmqQthxeoxcNwEWS1Q2fpFsMJFK_1Yv8RbFmNC3wnrsWAZ4BCXrCaYNVr8Jng1E4u8-1Yfais3eNjSLaMmv2L32mjBCrT9egA2xECwF-McFXRwYliFKT9KHq0jWCpXjMeCOmlauMKMo2iozYx1jMuSGqaeNHxa6ubpdE_TeTT-tZ-hKWj40zY25bIUWWEEvKVRqN4Bk2EfbQm2KbdhcwPDIdsZkTnVxtl_6Ob3i9YA0ZuFEWFHOWjgF12TC7MlObtt7yrNQqCw2qhwROTBTVB5sroJSffHNwN5k2zZg2rf0z5zmn1BXQiuBXfVnmHXOIH5xD-_4eq0yUjKPF86Y0w8bC-&sai=AMfl-YQYyuoxmtq-r9ZO-DPkh9KcrwLpUNcGPpwjUXFm8xAQ3gPd6Y3y7imHj9c-poWkWI5tmvDOdnXMyP6U25H7n3knjYLQpyUQN1qvealiu4lJLKLuw9oy174VX6Bsv-7HMLki7h05K3-Fwg&sig=Cg0ArKJSzOvkKEeyr7NFEAE&cid=CAQSPAAvHhf_taA2s2lYW1J-9NyJ8NiVdcEDEdO-TxgfuONQ3I56wNLKV_1nPlwCh0Gtm3J4BuCg1Luw0L54eRgB&id=ampim&o=1432,430&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1134&mtos=0,0,1134,1134,1134&tos=0,0,1134,0,0&tfs=1439&tls=2573&g=100&h=100&tt=2573&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 03C9 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=1663128080&adf=2936580310&pi=t.ma~as.3925753591&w=771&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=771x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591007&bpp=1&bdt=661&idt=380&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 00:31:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
116728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 00:31:07 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x88bda9d5f88dda8b0000000000000000%22,%222%22:%220x423cbe006ac2c4a0000000000000000%22,%223%22:%220xbd10b0b582b87890000000000000000%22,%224%22:%220xce78b6ec0c64cf0a0000000000000000%22,%225%22:%220xe08f966ee3927f020000000000000000%22},%22debug_key%22:%2211538322674021617687%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221330797567572316177%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 		80 B
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=328512134&pt=17&dpn=1&jsver=5.36&iiqidtype=2&iiqpcid=f10d0cab-1d7e-431b-8707-9fa24e83dcb1&iiqpciddate=1704358591279&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=935_1704358595562&fbp=646215236&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/iquid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-19.yul62.r.cloudfront.net
Software
/
Resource Hash
c1fdc109b63ffdfe2a6d236f3c7913440d54041ddd2988a8bed057d08586814e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
access-control-max-age
3600
vary
Origin
content-type
text/html
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-methods
POST, GET
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
Zf2XEwHrrYfu0JyEfB6R4KowARZMU5wfFg7gVllPRFMjK4SHxLETvQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=129963&iiqidtype=2&iiqpcid=f10d0cab-1d7e-431b-8707-9fa24e83dcb1&iiqpciddate=1704358591279&tsrnd=742_1704358595562&fbp=646215236&jsver=5.36&abtp=100&abtg=A
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:d200:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 0fb05a472bd2fcfe266ed8a7a987ab1e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
MmF_dxG9AKUMARglOvCcKpsYmb2_hOkodMXWPxw8C6WqGB3rt87gVQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4eb282a4bea46a430000000000000000%22,%222%22:%220x8188763280b65c0d0000000000000000%22,%223%22:%220x57a71576560c42330000000000000000%22,%224%22:%220x47465ee25d7fbc5a0000000000000000%22,%225%22:%220x7d798568ccb896ee0000000000000000%22},%22debug_key%22:%2212915839673057447507%22,%22debug_reporting%22:true,%22destination%22:%22https://miamidade.gov%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22950153867%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214449335318488123057%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 4541 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 00:31:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
116728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 00:31:07 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x88bda9d5f88dda8b0000000000000000%22,%222%22:%220x423cbe006ac2c4a0000000000000000%22,%223%22:%220xbd10b0b582b87890000000000000000%22,%224%22:%220xce78b6ec0c64cf0a0000000000000000%22,%225%22:%220xe08f966ee3927f020000000000000000%22},%22debug_key%22:%2213831010329402346234%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229936389462637891793%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 9624 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:26:34 GMT
x-content-type-options
nosniff
age
27001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 01:26:34 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2d4fb2d177ea12dd0000000000000000%22,%222%22:%220x4241a4ab9dd5b8c60000000000000000%22,%223%22:%220xcdb6433e56e3d7890000000000000000%22,%224%22:%220x96cfb8a380295a1b0000000000000000%22,%225%22:%220xf6ceb574acadaf8e0000000000000000%22},%22debug_key%22:%226272100905726722113%22,%22debug_reporting%22:true,%22destination%22:%22https://amazon.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22926422171%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221428898484055820689%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D4B8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGw59sM8gQdwT0BYzJbca1VFAwlymDnGyAlYp-Rp5VpDKZM4pU6YZneUexF_Yi-9csw1cXNkBfNqzG9wz5WRYjkIB06uYsP9KlWTudPDYS7fXX9pUbFLb7&sig=Cg0ArKJSzAuCN4jcFkmMEAE&id=lidar2&mcvt=1058&p=509,0,1109,300&mtos=1058,1058,1058,1058,1058&tos=1058,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3118109403&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704358592652&rpt=1774&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame AEAA
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEL4z2zmWufhI6acOCxRSeUs&google_cver=1&google_push=AXcoOmSvnyUsRIM1icqi70TXBrLia1ilBvKBg7QeFwwFXT8HoOKYOISSAdhVVDzoVDjcEfl0KMZrpp08rUfATNHcrgZeXSHayK5Z&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL4z2zmWufhI6acOCxRSeUs&google_cver=1&google_push=AXcoOmSvnyUsRIM1icqi70TXBrLia1ilBvKBg7QeFwwFXT8HoOKYOISSAdhVVDzoVDjcEfl0KMZrpp08rUfATNHcrgZeXSHayK5...
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL4z2zmWufhI6acOCxRSeUs&google_cver=1&google_push=AXcoOmSvnyUsRIM1icqi70TXBrLia1ilBvKBg7QeFwwFXT8HoOKYOISSAdhVVDzoVDjcEfl0KMZrpp08rUfATNHcrgZeXSHayK5Z&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSvnyUsRIM1icqi70TXBrLia1ilBvKBg7QeFwwFXT8HoOKYOISSAdhVVDzoVDjcEfl0KMZrpp08rUfATNHcrgZeXSHayK5Z%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
840244e7ebe2259a-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1475
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL4z2zmWufhI6acOCxRSeUs&google_cver=1&google_push=AXcoOmSvnyUsRIM1icqi70TXBrLia1ilBvKBg7QeFwwFXT8HoOKYOISSAdhVVDzoVDjcEfl0KMZrpp08rUfATNHcrgZeXSHayK5Z&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSvnyUsRIM1icqi70TXBrLia1ilBvKBg7QeFwwFXT8HoOKYOISSAdhVVDzoVDjcEfl0KMZrpp08rUfATNHcrgZeXSHayK5Z%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
840244e72b73259a-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AEAA
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEGCCwLJhQOhcOwXIrg24HBM&google_cver=1&google_push=AXcoOmT6Ayx3buKDWybvKt4LC4NliRfU7EfULxJI0oe8itdRDOfY-6MY3Nn559ZxcBufIDZNxyIwpGi756YqT_JMmdUf-BBQlmM
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmT6Ayx3buKDWybvKt4LC4NliRfU7EfULxJI0oe8itdRDOfY-6MY3Nn559ZxcBufIDZNxyIwpGi756YqT_JMmdUf-BBQlmM&google_hm=UjMzNjQ1XzEwRUMwQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmT6Ayx3buKDWybvKt4LC4NliRfU7EfULxJI0oe8itdRDOfY-6MY3Nn559ZxcBufIDZNxyIwpGi756YqT_JMmdUf-BBQlmM&google_hm=UjMzNjQ1XzEwRUMwQzBGM19DRDAxMTk5NQ%3D%3D
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmT6Ayx3buKDWybvKt4LC4NliRfU7EfULxJI0oe8itdRDOfY-6MY3Nn559ZxcBufIDZNxyIwpGi756YqT_JMmdUf-BBQlmM&google_hm=UjMzNjQ1XzEwRUMwQzBGM19DRDAxMTk5NQ%3D%3D
Date
Thu, 04 Jan 2024 08:56:34 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-387363395; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
345
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame AEAA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIu-tceeFS8IAp1WF8W20W0&google_cver=1&google_push=AXcoOmQiy1w3v55a4UGw_H4BnTxZYvbPJla_UGeuDW19dJLcXg0u6gdfEwwbBup3RQy36oEs7SkTKCRR...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzcxODg4ODI3NTI4Mzg5OTA0Nw&google_push=AXcoOmQiy1w3v55a4UGw_H4BnTxZYvbPJla_UGeuDW19dJLcXg0u6gdfEwwbBup3RQy36oEs7SkTKC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzcxODg4ODI3NTI4Mzg5OTA0Nw&google_push=AXcoOmQiy1w3v55a4UGw_H4BnTxZYvbPJla_UGeuDW19dJLcXg0u6gdfEwwbBup3RQy36oEs7SkTKCRR2BcdmzFbRE2gcFtaE-BA
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzcxODg4ODI3NTI4Mzg5OTA0Nw&google_push=AXcoOmQiy1w3v55a4UGw_H4BnTxZYvbPJla_UGeuDW19dJLcXg0u6gdfEwwbBup3RQy36oEs7SkTKCRR2BcdmzFbRE2gcFtaE-BA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame AEAA
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOR97lrEJTwCDw-u45ueqd0&google_cver=1&google_push=AXcoOmQLEpAD3htET7WY7O3XW24VYE260bQaJyknrG_iI4MwRvD3PI3-16g2QEMH0Wkl4A5_3e7EJ-GeTo0P...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQLEpAD3htET7WY7O3XW24VYE260bQaJyknrG_iI4MwRvD3PI3-16g2QEMH0Wkl4A5_3e7EJ-GeTo0P3PVcJt8XUApbVYBE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQLEpAD3htET7WY7O3XW24VYE260bQaJyknrG_iI4MwRvD3PI3-16g2QEMH0Wkl4A5_3e7EJ-GeTo0P3PVcJt8XUApbVYBE
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQLEpAD3htET7WY7O3XW24VYE260bQaJyknrG_iI4MwRvD3PI3-16g2QEMH0Wkl4A5_3e7EJ-GeTo0P3PVcJt8XUApbVYBE
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame AEAA
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJCaOtKJW7ekA23FCQg88NY&google_cver=1&google_push=AXcoOmR8SiLhzvg1bj8tgGmF2grzH3nvQwx5Lp-9i9H8TLw2SSu-vBmLycM_X8rlDnKa1dlO3vgziE...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR8SiLhzvg1bj8tgGmF2grzH3nvQwx5Lp-9i9H8TLw2SSu-vBmLycM_X8rlDnKa1dlO3vgziEMOBzVXS2q4411Ssbodak8I&google_hm=MzAxMTI5Nj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR8SiLhzvg1bj8tgGmF2grzH3nvQwx5Lp-9i9H8TLw2SSu-vBmLycM_X8rlDnKa1dlO3vgziEMOBzVXS2q4411Ssbodak8I&google_hm=MzAxMTI5NjI1MDAyNDQ5OTI2Mw%3D%3D
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR8SiLhzvg1bj8tgGmF2grzH3nvQwx5Lp-9i9H8TLw2SSu-vBmLycM_X8rlDnKa1dlO3vgziEMOBzVXS2q4411Ssbodak8I&google_hm=MzAxMTI5NjI1MDAyNDQ5OTI2Mw%3D%3D
date
Thu, 04 Jan 2024 08:56:35 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame AEAA
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEA4dwdir5C8Q6Lez_9kQLDc&google_cver=1&google_push=AXcoOmQjVY_XD1tAHBpMKYNCYaZeLFvaf9LtwKbRnGCE6kIHhxmpL7FzsN1B2Tdzj_Q6EnJ_CvaYrkIkp-R8CDhyO...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDQ3ZDVhNWQtN2IzYy00MTNmLWEzZjktODg1ODYwYWQ1N2Fl&google_push=AXcoOmQjVY_XD1tAHBpMKYNCYaZeLFvaf9LtwKbRnGCE6kIHhxmpL7FzsN1B2Tdz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDQ3ZDVhNWQtN2IzYy00MTNmLWEzZjktODg1ODYwYWQ1N2Fl&google_push=AXcoOmQjVY_XD1tAHBpMKYNCYaZeLFvaf9LtwKbRnGCE6kIHhxmpL7FzsN1B2Tdzj_Q6EnJ_CvaYrkIkp-R8CDhyOuFbR1IUOFET
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDQ3ZDVhNWQtN2IzYy00MTNmLWEzZjktODg1ODYwYWQ1N2Fl&google_push=AXcoOmQjVY_XD1tAHBpMKYNCYaZeLFvaf9LtwKbRnGCE6kIHhxmpL7FzsN1B2Tdzj_Q6EnJ_CvaYrkIkp-R8CDhyOuFbR1IUOFET
date
Thu, 04 Jan 2024 08:56:35 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame AEAA
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEBpzweG2ZaFi22d8FlhF9Qs&google_cver=1&google_push=AXcoOmRQcgiEJcT9NwZmpDux2_I9Vke3aHQlsAAD0nicXNeh8j02EYsKI6eeWwlY4KVqdd1iHG6mk1RS2J_Grwg...
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=CAws9VDNGkqPo7zLnWmRKg&google_push=AXcoOmRQcgiEJcT9NwZmpDux2_I9Vke3aHQlsAAD0nicXNeh8j02EYsKI6eeWwlY4KVqdd1iHG6mk1RS2J_Grwg39FUCoU2Dy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=CAws9VDNGkqPo7zLnWmRKg&google_push=AXcoOmRQcgiEJcT9NwZmpDux2_I9Vke3aHQlsAAD0nicXNeh8j02EYsKI6eeWwlY4KVqdd1iHG6mk1RS2J_Grwg39FUCoU2DyIELTQ
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=CAws9VDNGkqPo7zLnWmRKg&google_push=AXcoOmRQcgiEJcT9NwZmpDux2_I9Vke3aHQlsAAD0nicXNeh8j02EYsKI6eeWwlY4KVqdd1iHG6mk1RS2J_Grwg39FUCoU2DyIELTQ
Date
Thu, 04 Jan 2024 08:56:35 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame AEAA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IudbmY1W5TwStwD8x5L1TXs_4tbxsAxitHKEa_vPBrMifmrg6bPgD7pLWOIokgk7gW6j-tclM
Requested by
Host: 168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
URL: https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
AGSKWxXCsrjYZEMtxyBEnJgTLCLmr-SC9btsqs80_NKsBPhH6c7iSSjyU1sglHsXLTZWuoNzVMZhRMN8Jmz7LKyTZ4cTgV0yTIoMg9lwCtlrT78OlybC6fHYOJVGSNhqSU_aRczCm__wQg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXCsrjYZEMtxyBEnJgTLCLmr-SC9btsqs80_NKsBPhH6c7iSSjyU1sglHsXLTZWuoNzVMZhRMN8Jmz7LKyTZ4cTgV0yTIoMg9lwCtlrT78OlybC6fHYOJVGSNhqSU_aRczCm__wQg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/am=wA/d=1/rs=AJlcJMyiHPCAyLFmNsmEoAFl7FGwL5Wu8Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HJ36oIitNfbtqRbgszKC1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HJ36oIitNfbtqRbgszKC1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXW_wmn8psJsuGgQbRYUgyeWKJ942YfLXQI50J3CN_3RqS7slk4mwfZj2_hth0c5PpaaDxxi7o1x9xSjxQ8OZRBgPPRbHDEJcBfT268rGQ3D8vdebl8YfPzI039o0Ym3eIeXB8bbQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXW_wmn8psJsuGgQbRYUgyeWKJ942YfLXQI50J3CN_3RqS7slk4mwfZj2_hth0c5PpaaDxxi7o1x9xSjxQ8OZRBgPPRbHDEJcBfT268rGQ3D8vdebl8YfPzI039o0Ym3eIeXB8bbQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.fXwdS8NiIZo.es5.O/am=wA/d=1/rs=AJlcJMyiHPCAyLFmNsmEoAFl7FGwL5Wu8Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-biddXjgHNb9S49Rc_MiHrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-biddXjgHNb9S49Rc_MiHrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://duperb-shop.ngontinh24.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame F176 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71923
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:55:18 GMT
amd-us
router.infolinks.com/dyn/ Frame B09B
Redirect Chain
  • https://tracker.exchange.amitydigital.io/sync?id=11&uid=8d0b7f0c-bc31-4eca-a0a1-6a1e574956ed
  • https://router.infolinks.com/dyn/amd-us?user_id=e8ada473-c67f-217f-2b24-39cc63c74461
35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/amd-us?user_id=e8ada473-c67f-217f-2b24-39cc63c74461
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e88e1c5c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:35 GMT

Redirect headers

location
https://router.infolinks.com/dyn/amd-us?user_id=e8ada473-c67f-217f-2b24-39cc63c74461
content-length
100
content-type
text/plain; charset=utf-8
ta-usync
router.infolinks.com/dyn/ Frame B09B
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=8d0b7f0c-bc31-4eca-a0a1-6a1e574956ed=&partner_id=3337&partner_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fta-usync%3Fuid%3D%24%7BTA_DE...
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=05661250126780334361948498372883485275&pt=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385%2Chttps%253A%252F%252Frouter.infolinks.com%...
  • https://router.infolinks.com/dyn/ta-usync?uid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385
35 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ta-usync?uid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e9ef395c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:36 GMT

Redirect headers

date
Thu, 04 Jan 2024 08:56:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://router.infolinks.com/dyn/ta-usync?uid=3d1b2723-fc4b-48f1-9bfb-e6a6d7355385
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
152mus
router.infolinks.com/dyn/ Frame B09B
Redirect Chain
  • https://sync.adkernel.com/user-sync?zone=202694&t=image&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F152mus%3Fuid%3D%7BUID%7D
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202694%26dsp%3D639242%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=202694&dsp=639242&t=image&uid=636979850693708765
  • https://router.infolinks.com/dyn/152mus?uid=A6889557712162601980
35 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/152mus?uid=A6889557712162601980
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e9ef415c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:36 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/152mus?uid=A6889557712162601980
Date
Thu, 04 Jan 2024 08:56:36 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
0
cons-us
router.infolinks.com/dyn/ Frame B09B
Redirect Chain
  • https://e.serverbid.com/usersync?cspi=154&ttt=1&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fcons-us%3Fuser_id%3D%24%7BUID%7D
  • https://router.infolinks.com/dyn/cons-us?user_id=d6c96a57362a4209896a57362a820900
35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/cons-us?user_id=d6c96a57362a4209896a57362a820900
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
840244e7edb85c64-MIA
content-length
35
expires
Wed, 04 Jan 2023 08:56:35 GMT

Redirect headers

access-control-allow-origin
*
location
https://router.infolinks.com/dyn/cons-us?user_id=d6c96a57362a4209896a57362a820900
date
Thu, 04 Jan 2024 08:56:35 GMT
access-control-allow-headers
origin, content-type, accept
content-length
0
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame DA65
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a0...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=636979850693708765&gdpr=0&gdpr_consent=&gdpr=0&gdp...
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=636979850693708765&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
an-x-request-uuid
a87f0c3c-e977-4018-bde2-d1cb71fadff0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=636979850693708765&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame DA65
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%2...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=636979850693708765&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=636979850693708765&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
an-x-request-uuid
eb1ac257-3da5-4e0f-bcac-853ea939c83e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=636979850693708765&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame DA65
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=70&p=120&cp=adyoulike&cu=1&url=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fis_cookie_sync_uid%3Dtrue%26uid%3D4246a50e6cf42e85f26c381a4b7701fb%2...
  • https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=dfd9c401-4826-49c5-a91b-134ec9897dcf
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=dfd9c401-4826-49c5-a91b-134ec9897dcf
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=dfd9c401-4826-49c5-a91b-134ec9897dcf
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
801481
content-length
0
expires
Thu, 04 Jan 2024 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame DA65
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=gVXHfCgGgQqeNbFHmIzn3tA36R2nBpmyXgt9ywnHj5g&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=gVXHfCgGgQqeNbFHmIzn3tA36R2nBpmyXgt9ywnHj5g&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=gVXHfCgGgQqeNbFHmIzn3tA36R2nBpmyXgt9ywnHj5g&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT, Thu, 04 Jan 2024 08:56:35 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame DA65
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adyoulike
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3718888275283899047&ssp=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&name=BIDSWITCH&gdpr=&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&name=BIDSWITCH&gdpr=&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
9
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&name=BIDSWITCH&gdpr=&gdpr_consent=
Date
Thu, 04 Jan 2024 08:56:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ayl_pixel
api-2-0.spot.im/pixels/ Frame DA65 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=d5bc226a1bc13e0585575a375e2ac5e5
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-42.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 ae7bbb23871eba9dda7f1abdc6bacfa0.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
YUL62-C2
x-amz-cf-id
blmx8_qLElC5dGiHRTcB6OFsT2EQyCMsvNv78V_xvwMvHGOEzU_btg==
x-cache
Miss from cloudfront
sync
visitor.omnitagjs.com/visitor/ Frame DA65
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAK7pU7LLOYAABZ7UayRiw&name=BEESWAX
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAK7pU7LLOYAABZ7UayRiw&name=BEESWAX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAK7pU7LLOYAABZ7UayRiw&name=BEESWAX
Date
Thu, 04 Jan 2024 08:56:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame DA65
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&name=THE_TRADE_DESK
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&name=THE_TRADE_DESK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&name=THE_TRADE_DESK
date
Thu, 04 Jan 2024 08:56:35 GMT
server
Kestrel
content-length
319
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame DA65
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26v...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=oaPM0sJO2eiGBZGXbFb6&gdpr=0&gdpr_consent=&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=oaPM0sJO2eiGBZGXbFb6&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:35 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=oaPM0sJO2eiGBZGXbFb6&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
225
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame DA65
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visit...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=oaPM0sJO2eiGBZGXbFb6&gdpr=0&gdpr_consent=&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=oaPM0sJO2eiGBZGXbFb6&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:35 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=oaPM0sJO2eiGBZGXbFb6&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
221
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame DA65
Redirect Chain
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdp...
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=c11e053f-b607-4b5d-8ab0-dc58f3d0ecd2%20&gdpr_consent=null&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=c11e053f-b607-4b5d-8ab0-dc58f3d0ecd2%20&gdpr_consent=null&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=c11e053f-b607-4b5d-8ab0-dc58f3d0ecd2 &gdpr_consent=null&gdpr=0
date
Thu, 04 Jan 2024 08:56:36 GMT
server
_
content-length
0
sn.ashx
pmp.mxptint.net/ Frame DA65
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visi...
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10EC0C0F3_CD011995&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Server
38.68.201.140 Ashburn, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-387363396; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:35 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-387363396; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame DA65
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09ff220400dbed7046430cc2&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09ff220400dbed7046430cc2&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09ff220400dbed7046430cc2&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
date
Thu, 04 Jan 2024 08:56:36 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame DA65
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-ef956d8e-f409-5138-7252-8d79ad66eee1$ip$38.132.118.68&name=STACKADAPT&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-ef956d8e-f409-5138-7252-8d79ad66eee1$ip$38.132.118.68&name=STACKADAPT&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-ef956d8e-f409-5138-7252-8d79ad66eee1$ip$38.132.118.68&name=STACKADAPT&gdpr=0&gdpr_consent=
Date
Thu, 04 Jan 2024 08:56:35 GMT
Connection
keep-alive
Content-Length
219
Content-Type
text/html; charset=utf-8
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame DA65
Redirect Chain
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNT...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=d43f5c03-b56a-48c4-be6b-bb4923127fef&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=d43f5c03-b56a-48c4-be6b-bb4923127fef&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
server
nginx
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=d43f5c03-b56a-48c4-be6b-bb4923127fef&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame DA65
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=196a60dc5be448d19d2517c4d452c5f6&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=196a60dc5be448d19d2517c4d452c5f6&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Date
Thu, 04 Jan 2024 08:56:36 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=196a60dc5be448d19d2517c4d452c5f6&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
pixel
ap.lijit.com/ Frame DA65 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.68 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 04 Jan 2024 08:56:35 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync-iframe
cs-server-s2s.yellowblue.io/ Frame DA65 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRISE_CODES%26ttl%3D720%26uid%3D48b439bcf2930e6408d6e795f7f1cdd2%26visitor%3D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.227.185.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-122.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
sync
visitor.omnitagjs.com/visitor/ Frame DA65
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=4c274e16-0996-4920-97e8-8091cd32e709&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=4c274e16-0996-4920-97e8-8091cd32e709&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

x-servername
Track004-iad
pragma
no-cache
date
Thu, 04 Jan 2024 08:55:44 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=4c274e16-0996-4920-97e8-8091cd32e709&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
cache-control
private,no-cache
content-length
315
expires
-1
711333.gif
id.rlcdn.com/ Frame DA65 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 54DF 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 00:31:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
116728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 00:31:07 GMT
d5435a29cdf293e25ee24dd79b71c38e.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/d5435a29cdf293e25ee24dd79b71c38e.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/516d85f1a3fc778d26bcf79692ddf242.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d47b225460565712cf74d7e590e038e05f03a098fccc984a08f482f36db4ed93
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50759
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
3b777b46c08e1ec65493c2ca556183d4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		113 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/3b777b46c08e1ec65493c2ca556183d4.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/516d85f1a3fc778d26bcf79692ddf242.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eafafb205ec50b963795ef19e4690f90c5941c2605d5d31bd4e22b0dbf27170e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
51201b723fe45875025463d96f0fc0dd.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/51201b723fe45875025463d96f0fc0dd.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/516d85f1a3fc778d26bcf79692ddf242.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
844a3c40ac0aae8539c5737af087eeb540522ca5903162f795bdfbf3e2fdb042
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5080
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
66537b12b083a80229751694740f3042.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		111 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/66537b12b083a80229751694740f3042.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/516d85f1a3fc778d26bcf79692ddf242.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7237e3abae7da99ef56185f7b2dcf53781a6e9f677ab202c221260fd3b1851f2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
2fc43ce0c44d2bd876b558ef41677321.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/2fc43ce0c44d2bd876b558ef41677321.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/516d85f1a3fc778d26bcf79692ddf242.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90a847214fb03bd48f9d5b7882c61f5ed7955cc3bf4c6ff347e95490c120f730
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jan 2024 05:00:47 GMT
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1588
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
8e779e187904eb5b175e6ce9d88191db.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		112 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/8e779e187904eb5b175e6ce9d88191db.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/516d85f1a3fc778d26bcf79692ddf242.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56243d82f53e3fdd390332f9a8e02c75dce0eb5351ced4bcb363f8d533b0ce0b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
2f8b723339533488bd27ade5256ef6cf.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/2f8b723339533488bd27ade5256ef6cf.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/516d85f1a3fc778d26bcf79692ddf242.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ac192e5a36b6e93c39c378f5ba264f332f5650150face483ae45ec94e18e6d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jan 2024 05:00:47 GMT
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2642
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
ab5af3a97e63334dcc2843b37c751591.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		107 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ab5af3a97e63334dcc2843b37c751591.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/516d85f1a3fc778d26bcf79692ddf242.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40d90847b61a8a221f1698cb40a76a5fe9b81899da34ceee38053a950a5c56c5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
fa0f05aaef85b7cab633dc20f05da0f3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/fa0f05aaef85b7cab633dc20f05da0f3.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/516d85f1a3fc778d26bcf79692ddf242.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa91ed7d8104858b34338a4e403c48d99e5c18042377e69c49d30a42d8e20dbf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1495
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
3d5d43b9412abe5172dca8ed55ea8d6a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/3d5d43b9412abe5172dca8ed55ea8d6a.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/516d85f1a3fc778d26bcf79692ddf242.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0b12b6f6d70be1490bd520cd667924b0143655328476caa644be9f97ec49dd5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3533
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
css
fonts.googleapis.com/ Frame 72DB 		2 KB
555 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:400
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/516d85f1a3fc778d26bcf79692ddf242.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
17317b7dc349951f32e31ca33e49a7405e1e60384485da472aab5225c4ccf1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jan 2024 08:56:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 07:45:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jan 2024 08:56:35 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 9624
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cn8TNv3KWZdaEGozUoPMPmryl2A-TjLf-c6D_wKG2Eoe0_J_cAhABII3V3iRgyYaAgNyjxBCgAdm89-4pyAEJqAMByAPLBKoE-QFP0M8UMurrxN_BiKIUiQHfVx4_xw3CMPmx7Bz6jSi3e2b...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd3414ed2c1023b730000000000000000%22,%222%22:%220x31f9b5cb0151b1f40000000000000000%22,%223%22:%220xc3bff8...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd3414ed2c1023b730000000000000000%22,%222%22:%220x31f9b5cb0151b1f40000000000000000%22,%223%22:%220xc3bff8ed96d3c40b0000000000000000%22,%224%22:%220xed51192e8e5075680000000000000000%22,%225%22:%220x46ece16e33c37eca0000000000000000%22},%22debug_key%22:%229039211009992912007%22,%22debug_reporting%22:true,%22destination%22:%22https://sm360photobooths.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211238497881%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229279240488061552961%22}&andc=true
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xd3414ed2c1023b730000000000000000","2":"0x31f9b5cb0151b1f40000000000000000","3":"0xc3bff8ed96d3c40b0000000000000000","4":"0xed51192e8e5075680000000000000000","5":"0x46ece16e33c37eca0000000000000000"},"debug_key":"9039211009992912007","debug_reporting":true,"destination":"https://sm360photobooths.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11238497881"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"9279240488061552961"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 04 Jan 2024 08:56:36 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd3414ed2c1023b730000000000000000","2":"0x31f9b5cb0151b1f40000000000000000","3":"0xc3bff8ed96d3c40b0000000000000000","4":"0xed51192e8e5075680000000000000000","5":"0x46ece16e33c37eca0000000000000000"},"debug_key":"9039211009992912007","debug_reporting":true,"destination":"https://sm360photobooths.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11238497881"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"9279240488061552961"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 96D6 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71923
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:55:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9FB8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvL_nZJV4hfTIJEs0DzCKKedA4jLnVNhvwpYxHZDRheVHRsYBktK4JdEP8txIPMSLZ5ml8dUOvPSXctV4sE2h3DiRfJOMdrhyKgXTwLiBfEFTl1TYDLaOZOpqSxgjqudbbOYA7EJLIWNQxvxnh4EK-_qOVN&sig=Cg0ArKJSzGsj_-WosByVEAE&id=lidar2&mcvt=1284&p=1110,67,1200,795&mtos=1284,1284,1284,1284,1284&tos=1284,0,0,0,0&v=20240103&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3629196272&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704358592732&rpt=1844&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.html
s.spotim.market/ Frame F903 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:925:0:3eec:efff:fed0:87d6 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
8b1fc6a6d179218f974d71341dca2d6b944588d1b1021bb3a6306db7751d60f7

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://visitor.omnitagjs.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
693
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 08:56:35 GMT
Server
Spotim
X-Robots-Tag
noindex
usync.html
eus.rubiconproject.com/ Frame 8A52
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 08:56:36 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 04 Jan 2024 08:56:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame B520
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 08:56:36 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 04 Jan 2024 08:56:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame F26E 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
de.tynt.com/deb/ Frame 96CF
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95...
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
3b10c0f3df4bae3eb7e21bf366768c3c2d16f802d1bc9a9c9a599c10115039f2

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2206
content-type
text/html
date
Thu, 04 Jan 2024 08:56:35 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 04 Jan 2024 08:56:35 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8340000A
sync
ssbsync.smartadserver.com/api/ Frame 7420 		898 B
964 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.52 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
2f857e2daaec939cd0e005f1d56b460969004a22c01e00f64c4d9899ab631ec8

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
898
content-type
text/html
date
Thu, 04 Jan 2024 08:56:35 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
285 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
3535ca0300a45a0ee87ac5eb11986abe17547111053b7a08a545c7096372299d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame BFC7 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:6b::17db:9a0a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3f72bc478fe8bdfc0d71966f03269d1400530dc5b86bfe964e181991ba89b19c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Dec 2023 14:00:12 GMT
Server
AkamaiNetStorage
ETag
"9bd2e1c1f91b92b58200dbf9a10e7938:1704270086.237201"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3190
CookieSync.min.js
csync.smartadserver.com/rtb/csync/ Frame BFC7 		74 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:6b::17db:9a12 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 08:58:42 GMT
Server
AkamaiNetStorage
ETag
"742b2a86812ba14a01984e42bbf75bd2:1700471507.784273"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
TemplatePool.min.js
csync.smartadserver.com/rtb/csync/ Frame BFC7 		154 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:6b::17db:9a12 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7b205e88991731a228fd27cdb2f729a087290f10325d97622ca19b8376524266

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 08:58:42 GMT
Server
AkamaiNetStorage
ETag
"16285d7800e5f44b3c3d6d484f4e45fc:1700471508.128762"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4141
idl.js
assets.a-mo.net/js/ Frame 34D2 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=duperb-shop.ngontinh24.com&e=27&uid=7104abb1-a97a-4605-b391-df0f51751199
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 72aa1f6d307a536bbaffdcdb498b124c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
318
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 02 Nov 2023 21:08:31 GMT
server
cloudflare
etag
W/"771a6a92588a8fb45e42a04fa3fe9ddd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
840244e93c04db21-MIA
x-amz-cf-id
UXeQ_aoLfWLYcbXpgrA4E8MpYFq5IjKEOA5S4ZnVBLHNX-SvIITlHA==
expires
Thu, 04 Jan 2024 09:56:36 GMT
set
id.a-mx.com/ Frame 34D2
Redirect Chain
  • https://id.a-mx.com/sync?tao=1&&do=duperb-shop.ngontinh24.com
  • https://c3.a-mo.net/b?uid=d4df4ddf-5b8c-4063-915f-64c3f4432203&sh=id.a-mx.com&
  • https://id.a-mx.com/set?oid=d4df4ddf-5b8c-4063-915f-64c3f4432203&uid=7104abb1-a97a-4605-b391-df0f51751199&
99 B
605 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/set?oid=d4df4ddf-5b8c-4063-915f-64c3f4432203&uid=7104abb1-a97a-4605-b391-df0f51751199&
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
HTTP/1.1
Server
131.153.203.243 , United States, ASN20454 (SSASN2, US),
Reverse DNS
Software
/
Resource Hash
8061e3f372851cbc35d507caf1adef4fe64bffdf05705861928ee05b7e7f2cbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
null
date
Thu, 4 Jan 2024 08:56:36 GMT
access-control-allow-credentials
true
content-length
99
content-type
application/json

Redirect headers

access-control-allow-origin
null
location
https://id.a-mx.com/set?oid=d4df4ddf-5b8c-4063-915f-64c3f4432203&uid=7104abb1-a97a-4605-b391-df0f51751199&
date
Thu, 4 Jan 2024 08:56:36 GMT
access-control-allow-credentials
true
content-length
0
setuid
prebid.a-mo.net/ Frame 34D2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=7104abb1-a97a-4605-b391-df0f51751199&gdpr=0&us_privacy=1---
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26u...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26u...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=97c3dfbc-1351-5304-b931-afcfdca7dd0b&ssp=adaptmx&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&us_privacy=
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&us_privacy=
Date
Thu, 04 Jan 2024 08:56:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame 34D2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=7104abb1-a97a-4605-b391-df0f51751199
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-JP.Vh.lE2uGvl0.zsOpjSoqbNwgMv_V7rU6qGgA-~A
0
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-JP.Vh.lE2uGvl0.zsOpjSoqbNwgMv_V7rU6qGgA-~A
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-JP.Vh.lE2uGvl0.zsOpjSoqbNwgMv_V7rU6qGgA-~A
date
Thu, 04 Jan 2024 08:56:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid.a-mo.net/ Frame 34D2
Redirect Chain
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%3Damx_com%26uid%3D
  • https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=amx_com&uid=7104abb1-a97a-4605-b391-df0f51751199
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=amx_com&uid=7104abb1-a97a-4605-b391-df0f51751199
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=amx_com&uid=7104abb1-a97a-4605-b391-df0f51751199
date
Thu, 4 Jan 2024 08:56:36 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 34D2
Redirect Chain
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=openx&uid=f0f0a692-2608-4b97-b138-41a182cc06bd
0
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=openx&uid=f0f0a692-2608-4b97-b138-41a182cc06bd
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=openx&uid=f0f0a692-2608-4b97-b138-41a182cc06bd
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
setuid
prebid.a-mo.net/ Frame 34D2
Redirect Chain
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%3Dadform%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=adform&uid=3718888275283899047
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=adform&uid=3718888275283899047
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=adform&uid=3718888275283899047
date
Thu, 04 Jan 2024 08:56:36 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
prebid.a-mo.net/ Frame 34D2
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%3Dpubmatic%26uid%3DEA5C9313-A3DA-4BAA-A...
  • https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=pubmatic&uid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=pubmatic&uid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=pubmatic&uid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
date
Thu, 04 Jan 2024 08:56:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame 34D2
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?us_privacy=1---&A=7104abb1-a97a-4605-b391-df0f51751199&bidder=index_rtb&uid=ZZZywtRGY3i0IrndgkdX3AAA%262945
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?us_privacy=1---&A=7104abb1-a97a-4605-b391-df0f51751199&bidder=index_rtb&uid=ZZZywtRGY3i0IrndgkdX3AAA%262945
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBj4obf1%2BWu%2FI3d9f%2Fu42xZwNosImbTCPRs5UmvsC4RSpP%2Bk%2FzWswyOkpdXXw5UbnnPNv%2F6gHkSYpdhyxhOTUbv9RVf3VTqW%2FbXTSkvmOfkcTQrlxWqYg91IDrSs64okhM1%2FeBun"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?us_privacy=1---&A=7104abb1-a97a-4605-b391-df0f51751199&bidder=index_rtb&uid=ZZZywtRGY3i0IrndgkdX3AAA%262945
cache-control
no-cache
cf-ray
840244e93b5174c6-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame 34D2
Redirect Chain
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=sovrn&uid=H7yYaLZHttzIvJpmTweNNASm
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=sovrn&uid=H7yYaLZHttzIvJpmTweNNASm
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Thu, 04 Jan 2024 08:56:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=sovrn&uid=H7yYaLZHttzIvJpmTweNNASm
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/ Frame 34D2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7104abb1-a97a-4605-b391-df0f51751199%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=appnexus&uid=636979850693708765
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=appnexus&uid=636979850693708765
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
an-x-request-uuid
3c9485cd-b122-4f49-ad82-d61ff6c80ccc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid.a-mo.net/setuid?A=7104abb1-a97a-4605-b391-df0f51751199&bidder=appnexus&uid=636979850693708765
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 34D2 		0
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=7104abb1-a97a-4605-b391-df0f51751199&do=duperb-shop.ngontinh24.com
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.123 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
content-length
0
content-type
text/html
setuid
prebid-server.rubiconproject.com/ Frame 34D2 		0
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=7104abb1-a97a-4605-b391-df0f51751199&do=duperb-shop.ngontinh24.com
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
setuid
ib.adnxs.com/prebid/ Frame 34D2 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=7104abb1-a97a-4605-b391-df0f51751199&do=duperb-shop.ngontinh24.com
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
an-x-request-uuid
9a1a9818-a255-448d-b0dd-b0de67cb6c04
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
getads.htm
rt3070.infolinks.com/action/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3070.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22u_IL_INPLACE_mmt-4258afea-960f-419a-9cd3-d9b394374220_1_1_ad_728x90%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22u%22%2C%22garc%22%3A0%2C%22as%22%3A%22728*90%22%2C%22sdata%22%3A%22agreement%22%2C%22scs%22%3A%22O7C7gnVN_V%22%7D%5D&rid=6c91e231-b3ee-48e7-9a82-de090dc7af09&jsv=1914.009-3.034&sr=1600X1200&rts=1704358596087&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=120.0.6099.129&dv=p&ce=t&purl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&tzo=-1000&c=c&strg=true&pitc=8~G4yowT0QpNB_-y88db_yl3UXtOaCA1Zc&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=FLzSloy1oZ-6N9XiHd6MYUI5jUlpEJTQi-zo0sVxE_eHM96iq5mHjmVoCmSolmNxOxZ-GCxRqDJ9Qv6bW-RvkFvyFXeMU-i5AVRRhiiS_hLd1h54tkcdnEKDD6ZqY5OC9gwo5255Nhegtx4spk6a5zNNx3i8y0AWnqQN_ooaD64&rsk=31&rcs=WFzFj-BurVeBNnKc2U0--g&cuid=8d0b7f0c-bc31-4eca-a0a1-6a1e574956ed&_pubcid=dfc8442c-6e2c-44a4-9893-8b4d0810a14e&ique=%5Bobject%20Object%5D&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1914.009-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e065c15d3e2a08337de245ec628a68f60870dbaa9c958ed0e601017bf9e5330

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
en-US
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
840244e9af155c64-MIA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 88E1 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7109864259348938&output=html&h=280&slotname=3925753591&adk=676577707&adf=3215562993&pi=t.ma~as.3925753591&w=1200&fwrn=4&fwrnh=100&lmt=1704287131&rafmt=1&format=1200x280&url=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704358591005&bpp=2&bdt=658&idt=372&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7062184289034&frm=20&pv=1&ga_vid=2035237425.1704358591&ga_sid=1704358591&ga_hid=846849896&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934&oid=2&pvsid=2501995322332064&tmod=1145856907&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 00:31:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
116729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 00:31:07 GMT
collect
www.google-analytics.com/g/ 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-54725HQVMF&gtm=45je3bt0v9120859566&_p=1704358590561&gcd=11l1l1l1l1&dma=0&cid=2035237425.1704358591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704358590&sct=1&seg=0&dl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&dt=Duperb%20-%20An%20Experienced%2C%20Professional%2C%20Authoritative%20And%20Trustworthy%20Website&en=scroll&epn.percent_scrolled=90&_et=4&tfd=6559
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-54725HQVMF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd3414ed2c1023b730000000000000000%22,%222%22:%220x31f9b5cb0151b1f40000000000000000%22,%223%22:%220xc3bff8ed96d3c40b0000000000000000%22,%224%22:%220xed51192e8e5075680000000000000000%22,%225%22:%220x46ece16e33c37eca0000000000000000%22},%22debug_key%22:%229039211009992912007%22,%22debug_reporting%22:true,%22destination%22:%22https://sm360photobooths.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211238497881%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229279240488061552961%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bqi.php
lg3.media.net/ Frame 2772 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2886&lf=3&&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_tsce=L368&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=349064&vgd_cdv=1141&vgd_cage=1&vgd_rensize=728_90&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.fh~OmYMGv9.XA~QNOvkj~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9u9AuA~8xLjMGvhA9.9u~xLjM7UNv9~xLjMLf1MGv9~Q7OvWiuFHWXX9~YzMGJwMGmmQ7v9.WX~L17v9.999%2C9~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGvuX~GwM8YvX9~L88Ex1vu9h%2Cu9h~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fH9u9AuH~L1Oev9.999%2C9~xLjMGvu.Ah~ejfLMxLjMGv9~QYYMBLvfX.uuXi~xLjMjvu9~Qjevff.WW~yN17vou~GGvuiF~QYYMYxjv9.hF~JLEYv9.fh~ejfLMxLjMUNv949~EQ8MNvff%2CuH%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvuuWh~LUJv9%2C9~1AEMGvX.iA%2ChX.Hi~QOvu~x8OvfV1Zw38W7%3DA54NeGYp~NejfLMGvu.Fh~G7OvFhuiA9fWHXufAuuFF9XuuFXuAFAfF9ffH99XuFFA9iih9HAWuHAiW9F9hWiFWHfWhfFAAuufihXufu9uuFuuFAfXHhuiFuWXuWWhFuF~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iX~QQvIK~NNvPb~UGMOjvzS1~x8Bvou~NJv9~LNevHu.9F~%3DVvA9hi~UGMxNv9~z7Qvu~UGMxjvzS1~UGMNNUQv9~N7vY81Y8~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9HAXWXif~G1Q8QuvuiF~UGM77v9~GwMQOvf9fH9u9f9u~ONvW~ejfLMGvX.AH~77vuuWh~eBMJ-Nv9.W~e8QMQOvWh~xLjMLEQMGvW.FH~GwMNmv9~ONfvu~eM1Qzvi99i~c0v.*QwmE.*~j1Q7v~Nemyvu.Fh~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9u9AuA~e8QMxLjMjv9~J7vuW~ejfLM8MGv9.9f~e8QMGvFhH.WH~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvWX~LkevHu.9F~jfLMGvu999~BLMGvf.iu%2C9~QYYMQOvf9fH9u9H9A~L1OEv9.999%2C9~Q8OvXAFFWWXHH~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.W~OfEMjvu9~Nejfvu.Fh~AENkviii.WX~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iX~LEQMGvhX.Hi~xLjMQLEQMGvW.FH~LUBEv9.999%2C9~c0fv.*QwmE.*~LUBOv9.999%2C9~8QDJkv9~0sv9~8Q8kv9~xLjMLENMGv9~G8Ov9.fu~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.fu9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvWiuFHWXX9~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.W~EmQvF~1NM75EJvu~1OGjUvWiuFHWXX9~1YEvu~myG8Ov9.fh9~GkjLv9.9X9~Qx8Ov%3DK4b4TWmRt53H2U5YdH14a9q4cV~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGoAiHHiXHWFfAuFfWA~w7Yjvu~QYYM1E8veu~8GNvu~zQlvu~7yQvhfW-i9~GQGv9~GQEv9~7Y-vfHF&vgd_lbt=500&vgda_l1btm=%5B%22SPAMPXL%22%5D&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=536688544&rrr=tzR-hLcl-L8G36oqjT85AL34IlHrWo9aXW00UuF3n__K_jr-PLgesA%3D%3D&requrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&vi=1704358593807455882&ugd=4&cc=US&sc=FL&bdrid=460&subBdr=196&startTime=1704358593756&l1ch=1&l1hcsd=l1!Otp9r|23&mmm=j06lleenrXix_pkmjVSbPnrSwnqQ1IDCtC_E_gi8AYG7O7xku3FAr9wemvDZDA1qoa78FHdNiIUx3bn3HHPm3mIHycDTCaaa&buid=349064&sttm=1704358593765&upk=1704358594.989&hvsid=00001704358593765006462152365617&acid=2ccea5b985facf04b78eacc7e71640e9&verid=3111299&infr=1&twna=1&dma=528&stime=1704358593064&tsrc=entity&kafm_ull_cache=00&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_mspa=0&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1704358593176655740&vgd_sc=FL&vgd_ecrid=1700080807683300728009000059500&vgd_uspa=0&vgd_mspad=a&vgd_isiolc=1&vgd_pgid=p11752618742t202401040856&vgd_pgids=1&vgd_end=2
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 04 Jan 2024 08:56:36 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 04 Jan 2024 08:56:36 GMT
bqi.php
lg3.media.net/ Frame 2A02 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2930&lf=3&&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_tsce=L368&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=349065&vgd_cdv=1141&vgd_cage=1&vgd_rensize=300_250&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.ui~OmYMGv9.XA~QNOvkj~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9u9AuA~8xLjMGvhA9.9u~xLjM7UNv9~xLjMLf1MGv9~Q7OvHfhFAhXfXA~YzMGJwMGmmQ7v9.WX~L17v9.999%2C9~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGvuX~GwM8YvX9~L88Ex1vu9h%2Cu9h~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fH9u9AuH~L1Oev9.999%2C9~xLjMGvu.fW~ejfLMxLjMGv9~QYYMBLvui.XfHX~xLjMjvu9~Qjevff.WW~yN17vou~GGvuiF~QYYMYxjv9.hH~JLEYv9.ui~ejfLMxLjMUNv949~EQ8MNvff%2CuH%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvuuWh~LUJv9%2C9~1AEMGvA.Hi%2ChW.WX~QOvu~x8OvfV1Z85AahfYeG7%3DVLd~NejfLMGvf.fW~G7OvFhuiA9fWHXufAuf9XWAh9fH9Hiu9WiXAhAWFHXiXWhfhXWWu9fuhWXXfFXhuF9WHWiH9XuhiXfF9AHuuf9F9XiWWWXufWXfWAXhAhF9~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvzS1~x8Bvou~NJv9~LNevHu.9F~%3DVvA9hi~UGMxNv9~z7Qvf~UGMxjvzS1~UGMNNUQv9~N7vY81Y8~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9HAXWXif~G1Q8QuvuiF~UGM77v9~GwMQOvf9fH9u9f9u~ONvW~ejfLMGvA.uH~77vuuWh~eBMJ-Nv9.if~QYYMG8Ov9.uH~e8QMQOvWh~xLjMLEQMGvW.FH~GwMNmv9~QmGdv9.9h~ONfvu~eM1Qzvi99i~c0v.*QwmE.*~j1Q7v~Nemyvf.fW~e8QMxLjMGv9.hW~ejfLM8MQOvf9fH9u9AuA~e8QMxLjMjvA9~J7vf9~ejfLM8MGv9.9f~e8QMGvhhW.XW~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvWX~LkevHu.9F~jfLMGvu999~QYYMQOvf9fH9u9H9A~L1OEv9.999%2C9~Q8Ovh9HXiHWuF~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.if~OfEMjvu9~Nejfvf.fW~AENkvu999.fA~myMYQwv9.ui~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iW~LEQMGvhW.WX~xLjMQLEQMGvW.FH~LUBEv9.999%2C9~c0fv.*QwmE.*~LUBOv9.999%2C9~8QDJkv9~0sv9~8Q8kv9~xLjMLENMGv9~G8Ov9.uH~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.uH9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvHfhFAhXfXA~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.if~EmQvF~1NM75EJvu~1OGjUvHfhFAhXfXA~1YEvu~myG8Ov9.ui9~GkjLv9.uu9~Qx8Ov%3DK4b4cOt4ZrTs5YJY%2F-FeAVBuV3~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGoAiHHiXHWFfAuFfWA~w7Yjvu~QYYM1E8veu~8GNvu~zQlvf~7yQvfX9-fX9%7CA99-fX9~GQGv9~GQEv9~7Y-vfAW&vgd_lbt=200&vgda_l1btm=%5B%22SPAMPXL%22%5D&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=704594816&rrr=tzR-hLcl-L8G36oqjT85AL34IlHrWo9aXW00UuF3n__K_jr-PLgesA%3D%3D&requrl=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&vi=1704358593659368880&ugd=4&cc=US&sc=FL&bdrid=460&subBdr=196&startTime=1704358593864&l1ch=1&l1hcsd=l1!Otp9r|23&mmm=j06lleenrXix_pkmjVSbPnrSwnqQ1IDCtC_E_gi8AYG7O7xku3FAr9wemvDZDA1qoa78FHdNiIUx3bn3HHPm3mIHycDTCaaa&buid=349065&sttm=1704358593869&upk=1704358594.8809&hvsid=00001704358593870006462152362828&acid=5bacfc6154739f42b8056515713bf971&verid=3111299&infr=1&twna=1&dma=528&stime=1704358593484&tsrc=entity&kafm_ull_cache=00&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_mspa=0&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1704358593141026708&vgd_sc=FL&vgd_ecrid=1700080807683300300025000059500&vgd_uspa=0&vgd_mspad=a&vgd_isiolc=1&vgd_pgid=p11752618742t202401040856&vgd_pgids=1&vgd_end=2
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.136.23 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-136-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 04 Jan 2024 08:56:36 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 04 Jan 2024 08:56:36 GMT
cookie
sync.cootlogix.com/api/ Frame 7778
Redirect Chain
  • https://cs.media.net/cksync?cs=30&type=vdz&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dmedianet%26userId%3D%3Cvsid%3E%26gdpr%3D0%26gd...
  • https://sync.cootlogix.com/api/cookie?partnerId=medianet&userId=3473601931523688000V10&gdpr=0&gdpr_consent=&us_privacy=1---
43 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=medianet&userId=3473601931523688000V10&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
67.205.191.172 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://sync.cootlogix.com/api/cookie?partnerId=medianet&userId=3473601931523688000V10&gdpr=0&gdpr_consent=&us_privacy=1---
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Thu, 04 Jan 2024 08:56:36 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 7420 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=3011296250024499263&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 7420
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=pGp0OXObzqUD&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=pGp0OXObzqUD&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
216.22.16.57 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=pGp0OXObzqUD&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-gskrr
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 7420
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=oaPM0sJO2eiGBZGXbFb6&gdpr=0
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=oaPM0sJO2eiGBZGXbFb6&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
216.22.16.57 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:36 GMT
Content-Type
text/html; charset=utf-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=oaPM0sJO2eiGBZGXbFb6&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 7420
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09ff220400ac3a23ca72f859&gdpr=0&gdpr_consent=
43 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09ff220400ac3a23ca72f859&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
216.22.16.57 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09ff220400ac3a23ca72f859&gdpr=0&gdpr_consent=
date
Thu, 04 Jan 2024 08:56:36 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 7420
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=
43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
216.22.16.57 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=
date
Thu, 04 Jan 2024 08:56:36 GMT
server
Kestrel
content-length
299
usync.js
eus.rubiconproject.com/ Frame 8A52 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71922
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:55:18 GMT
usync.js
eus.rubiconproject.com/ Frame B520 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71922
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:55:18 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ Frame 72DB 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tpc.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 01:07:43 GMT
x-content-type-options
nosniff
age
546533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12276
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:49:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Dec 2024 01:07:43 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4D44 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4cbWiZ3EQxCFOUlsfqDhLjkqdowbL07MZy9m2Z8w1UPYQYcbVClsUaKKgjFLGSa9OVl5z_pKWQgMPGZXm9j7wZUwJmmmHlw5vv6hJaGEBRpWk4rRowfg2V7DG92ELv4WGrlo7V53InwWQT-DjARprdmFv&sai=AMfl-YRJhCavqG35-j82WwzId9JDaNRUt-7CbamdL_6SA2dBRvekdYiLXOn9vp-1TiV0T1mUL5YAvKXn_4dL_FzMCD0BCnl2iN1n0rfLWhv3b2iU2V_BNs3qNgW4wKzYwMmrj2bCnmo9NakDojIrhhu4iw&sig=Cg0ArKJSzL5-GnvQsxZ9EAE&cid=CAQSTwAvHhf_fJ7nzj3g-nhwVP9V4dFgNkT-XwTdytD_p4cxu5e8pUKCSW5-YuN03N8g4xtw6lt0gUBZRNfW2ht2S10wBjrzPUuQvladGIC_z0IYAQ&id=lidar2&mcvt=1232&p=0,0,199,771&mtos=1232,1232,1232,1232,1232&tos=1232,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=533972128&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704358591410&rpt=3672&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1013.json
id5-sync.com/g/v2/ 		625 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1013.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/f/d/d82422-8575-448e-84fe-fa092518ca2d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
2a45639f37b5c99ff6f9b3f3b3b1dfd8719b6c5a1a38683e88c2bd049c07f9c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usersync
x.serverbid.com/ Frame FC08 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=5573&dpui=b9878472-5f4b-4379-920c-e9f93fe3db20
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
gen_204
pagead2.googlesyndication.com/pagead/ Frame 54B5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BgjNuwHKWZYOZDdnUjvQPvYiW6A4AAAAAOAHgBAI&bg=!vb6lvvHNAAY3kmNgF5I7ADQBe5WfOP1530EN7cr90C0NdusZGQA4H1LwuV19yRwWCr_TA31WUUnPhZNK9Vqq-o3MWdgvAgAAA_VSAAAABWgBB5kDWqUg3pIHmRMl9aO5QJaCX3pyKZ9y8u8d2ksq7WRq-8budiLLbg0y38cmkP-hAfGOkGmtlrehCGvz7gbni7py8RuffaKXohbMZf-dUiYSEcJVmYZgFAgnXi_4yRawM1ZF6fOLQ5sgdKRxyNi963PfBP3URDPlwusZUAZ9B_3D9JU1h96aA0FN5Tgd0P0RCT8V2gi0DhIivJeF7ikeoHiA8vr5NBUfImd_oTf2MWOcmrNaLR1x_UsjC_tzPuJw12Mf1s6knco_NtzurYYAxcB6z0axcKArtrtDiakznlrlTztghHIFpruDHjRupu-JMJuAKPk1CfrJhfwkO2Ybs_xS13fy0hsomUNgHGqiRBtYKukDnlx7VoR95tMoL2usT9Tl6eZTCSKXpQG7FuKNQFtoMgGI6Ds17TSmUUFj2TON69jMruhMFJDnJpZnbRe3r3-_XQQ-a2b5MyBnqjbRLrhHNHl0nq7N6K4M5dBVYxtggi1HOiXmVaIoqaFtN7fWrVlC0_FnbY2DGSZImqS7GjUoaWmNosOa8I5fcWqG5bAT47Pyk7WWVm5m_yua8lta32Ld4MKBynq7J2vswTpbSXtCbqIJXjY3ZD0XJnEJF876lrBRJ4-KMoR23FVrSVXmsYt2n5AvXjzXEcjejsoeCZ_OaE2QCTtKgvOIux-hXI0JWxG3DHnAXSTkWAv6tWQIt-OFnWamBrElRi6YDu6E0sKfQnrlWjD93WBPNVIId1ZlJajZOr9IV-LNxUoVNdIBNLFpLCV8Sd3-30CYkJ6Qv1nPgU3ODYIvV7oCxch9GXGiSFrLRnh5mWVhISiZ_NS4T2KMnLdw-6MDBPAzenM7QeqvOmNslNRAttHjr1f7jt1M__skUhlMpudDq1tV12tWFMbe1IHEvN_UnZIa4v_HvOGDJ-CqprSeZ70s6FUkMcV7avnCOkjZwS2yBU7oybRoPbxcBXG0784UgVMgF-aPpthMYXciDJ_Y15ODz3ngW46ty0vAisODXu9nA14GdFQjZcnAtWUM-Rkmmj1WnP59zXONVLA86QsiVeGVoN1x6tvhK_b6xnvWnWBKbQUZ6GwEYXlqyYkxnfdIYRz308iCDMT2Awtds9agz4wVbgfZUvW_bm9qByULFmbzNdW8Ng
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ssc-cms.33across.com/ps/ Frame CD40 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704358596036.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP019 /
Resource Hash

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
server
33XP019
x-33x-status
2000208
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame 96CF
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1704358596036.&ri=0015a00003HljHyAAJ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212406146400894&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212406146400894&gdpr=0&gdpr_consent=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212406146400894&gdpr=0&gdpr_consent=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
ssc-cms.33across.com/ps/ Frame 96CF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1706950596%26external_user_id%3D096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1706950596%26external_user_id%3D096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP013 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Thu, 04 Jan 2024 08:56:35 GMT
server
33XP013

Redirect headers

location
https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1706950596%26external_user_id%3D096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
date
Thu, 04 Jan 2024 08:56:36 GMT
server
Kestrel
content-length
407
/
ssc-cms.33across.com/ps/ Frame 96CF 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704358596036.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP020 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Thu, 04 Jan 2024 08:56:35 GMT
server
33XP020
/
ssc-cms.33across.com/ps/ Frame 96CF
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26...
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Thu, 04 Jan 2024 08:56:36 GMT
server
33XP001

Redirect headers

date
Thu, 04 Jan 2024 08:56:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
match
events-ssc.33across.com/ Frame 96CF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=120&xu=75VtjvQJUThyUo15rWbu4SaEdkQ
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=75VtjvQJUThyUo15rWbu4SaEdkQ&ts=1704358596&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=75VtjvQJUThyUo15rWbu4SaEdkQ&ts=1704358596&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:35 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=75VtjvQJUThyUo15rWbu4SaEdkQ&ts=1704358596&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
ssc-cms.33across.com/ps/ Frame 96CF 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704358596036.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Thu, 04 Jan 2024 08:56:36 GMT
server
33XP001
activeview
pagead2.googlesyndication.com/pcs/ Frame 0777 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0W5bWkjOJnDzpzkU3giPs4MFYp0kjPKY5iKj7x-XllmdgrSHWYD9zz1_6S9M-Yv7rlTeBBB2WHAhRJCCR7oWk_9xFRsbiHzhMJZUWAQocm1qPRytwiBJo_O82pyz4_7HLDZK4GChOCfwnTpzHCMS2H-5i&sai=AMfl-YSWCocx4sZymVILXv97UXZ5R0MuJ-r-P-68hR4uIIukQr8Cx9Y07pLfr69ygzSxXA0PPgQ5_hj2Rg-9cq49aHROstLQe-sHZEpyDqEcmQZ-radGTp4Lt06oZpFVeFHoBQCN9qrCyrhAIYgH8rBpcw&sig=Cg0ArKJSzECIGu-mb4t7EAE&cid=CAQSTwAvHhf_7sxDUxz92TpxZVs77EeSLg5bw7nuMUstqRdH6XBnC1idIS0pAr9jjZvktZ6XvnZu90Dfzh6WhafA8nK7D3ctf-hr-SHPjnAVsykYAQ&id=lidar2&mcvt=1161&p=0,0,124,1005&mtos=1161,1161,1161,1161,1161&tos=1161,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704358591967&rpt=3214&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7A97 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5BlBdcxhDiTvr4lxY0ozFi2ElIKlwyZRKdQ2yvrzx8uB5RiGKiwVgIO7vDCvihVR7BPKFjUDNtwlJEQAJHkns3zB9ueN7Yq_RZ5QIW6NweDFR3u5FGPeEV7h59pE5X5-vUXmKQW4vZpQdZLjjacOycMq9&sai=AMfl-YTZvsnhHgTxxnkquT1GGZGgWdck2KctCWMaFVIffAOQavR_fs72bfzw1TMd9Z4SdSEfJ9CYHRZzX6rCVVl1g-i6l5_f2OUOF82e9311FJCjCRCfkBfODpld8nBL0Ny2DMcjBIRpmXZxybC7Svea&sig=Cg0ArKJSzI7UUjWjeOoFEAE&cid=CAQSTgAvHhf_O4bZfqpcj2LXGxnabm63VIF1j8XYhkiL9vkfJFsZ_6-VAFlzmbKYhkzUbGdy95Gti_oPjWeKYJtsUVBKlr4MMi5fL7Sy1xd5CRgB&id=lidar2&mcvt=1163&p=0,0,199,771&mtos=1163,1163,1163,1163,1163&tos=1163,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1663128080&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704358591390&rpt=3764&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9FC8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqtIQudgL_u3MYESzBUjrWBEbqSpYj_gzUxaVBmvq9t6L8hbGnDDAj24obIFiC2UMXAZ6guKpg1DDNsVXQ4MGZshxA-kZIOKed4KV3ahoex1hYiQEi-dqqx5zI6ZN25wyYrdgfhxRyNEUHZk4jefh9q_h7PM4-PyaYj1PvWGx1HpAJUqWkqqMiQSwa0Hyg1fcrI6AWKvoyvo7z9iaEj-F1uI-GH4cqKMElzM8vBt8h1mpSsbm9NIfZw43TpCWEVyWEzBIVeooXMKjjgG1TyugtivMqTHheI8vVL2HTKwdiACfELRysOTIaGq2uwzSYX7odc3q96A4y1ZIa0jP50b7Adk2HELuh3eEHZt2U076shJhJr2mL_GnLsHWXIcR7a4BCHSooAZkJs-6D11GfUEBSlN7EWa5uLcr8FAko-6qeZGVsAIrOd1G-FLTjkR1HIestmcjlywECi6dUuE_TWt5ZWGhuLe0z5LSKQZvNzMK07yN9OpXBaJQg8IA7FozZnI7psJ87W88R6rx1L0vxz0z3VMVL8jgCMRiPKdlDbTnZZcpT07PB05Y9hsuKX4yowU9l8ASTqYoGtKrIwBtsh4PYu_0A3ETRHpu65M0LLbWHEG18T6_K2WuMrt1opgLIWxw-wLIJR7gxjDIKXH140_pQwEZcUTmA_YjNrWEoc9jpYKw9GV7ozQFjIM3IM8Ms0EGmMJAxHtjYHx9fY0EaPXNUUF7qA__Gu6nAMpiyy0oi2AWTiEJkpmvvZa_8Xo4BM33Bxk7fwynkNA4sq49CpJyZ9IYsJK2MhOVrCt42G-3tz8TnJq3xSxXLwWRnjlHwcjmypQV2YTTSMT7MA75RDgbz56Yx-3KL6aOJ6Bw4PqvwcLRbM-RXSI5IY9IsXY3_LrPIFCIGkx0rnP2HQlJ0vloPb97oryUpHtUgchEr5mktdq8o9bttD1UW-gWNv0pVjv_oPoQJNje101KiRP38fDzmOEA5NwO-iSYMr5TmSEjJ7MmXRbA1SSCG16gSG3NSlZqrOto9EHZEl-lSy13fkbpl2bJuJ9NbsZ88EyzDHQGFcbSA04zoxvgGvKZAvQgxF5IxtXkWg2CFkJ_1jre-M4BUb1TkpSSSXz4IRqvwVadswJuLJJdox7ehYhX9mWPJYXPxVFINgI1dTSREPQH80qlajgcYWaBQJnA_aR6Omthkbr58zlj3FCTBE8ihRx22y7a029YkkAq4HOZTlOJQppEv8p7leOEBad1VNW_4MdKUu4IOfa7Namt9UKoq31Xlcf61rVvtvH112yAXBwQXJSEDuMk_7cmrNF8S3Q95la8Vl7TUHqU1dBnm-bYHio_G0GGZ7lWo0Ugy5yfHY44&sai=AMfl-YTvR6DfwoIMQ5kQ_w36CynPb7-ka22_wZUkzVAHH1UK470TjiM6tWnAqg7IycgDXt9_xzekE9EBjfjMHsXKrkS4xZjTezYmLj5ycSZSYrJd5XQJKO677YonFIIULPLC32Gp21ygbf7BjQ&sig=Cg0ArKJSzDKBYV_qZwGGEAE&cid=CAQSPAAvHhf_csWCtFvJGysG806yL-S9QRLJT9FvzTxHZtD4_noQSKZbyawJjPB_ON6RXpi2aD7FcmQWNqhZ7hgB&id=lidar2&mcvt=1077&p=1110,805,1200,1533&mtos=1077,1077,1077,1077,1077&tos=1077,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1838895431&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704358594469&rpt=776&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=175765&dpuuid=a7d15b6955d88365d25d0be6e72b1200
dpm.demdex.net/ Frame FC08
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=a7d15b6955d88365d25d0be6e72b1200
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=a7d15b6955d88365d25d0be6e72b1200
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
44.206.92.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-92-227.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-03564d7a1.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
ZWZePvCJRug=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
x-clacks-overhead
GNU Terry Pratchett
x-adswizz-request-id
fe756828-a208-4a98-9c60-5b1613b6d734
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
location
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=a7d15b6955d88365d25d0be6e72b1200
x-amz-cf-id
tMt8DcNGgLd4sv8RKWISYaxLh-wPNFs9arYGCLolrZL_XzS8Xt6jQQ==
x-application-context
application:production
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D2A1 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.120.208 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-193-120-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=130865
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 04 Jan 2024 08:56:36 GMT
expires
Fri, 05 Jan 2024 21:17:41 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
getuid
eb2.3lift.com/ Frame 10A7 		0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D649285%26a%3D644680%26domain%3Dvisitor.omnitagjs.com&gdpr=0&gdpr_consent={gdpr_consent}
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Thu, 04 Jan 2024 08:56:36 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 8CE2 		49 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=25df8c62b5c6d1ae&name=OPENWEB
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Thu, 04 Jan 2024 08:56:36 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
8
csync
sync.spotim.market/ Frame F903
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D%26traffic_source%3Dsnippet%26session%3D...
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=f0f0a692-2608-4b97-b138-41a182cc06bd&traffic_source=snippet&session=78A324727F68D62D&sp=750078&pb=612004&c=656033&a=482928&domain=visitor.omnit...
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=f0f0a692-2608-4b97-b138-41a182cc06bd&traffic_source=snippet&session=78A324727F68D62D&sp=750078&pb=612004&c=656033&a=482928&domain=visitor.omnitagjs.com
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:35 GMT
Server
Spotim
Etag
25df8c62b5c6d1ae
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=f0f0a692-2608-4b97-b138-41a182cc06bd&traffic_source=snippet&session=78A324727F68D62D&sp=750078&pb=612004&c=656033&a=482928&domain=visitor.omnitagjs.com
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
264
usermatch
ssum-sec.casalemedia.com/ Frame D89F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704358595480&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4de83d303cc090c7685f54bd5df8edd196c059f47ba8bfe75d994cb03048f25

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
840244ebf93d9acc-MIA
content-encoding
br
content-type
text/html
date
Thu, 04 Jan 2024 08:56:36 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4OmCSkYxdamjxyf6Y7YsleGBfHetf5nZDegA8WJe8tR1arq2z7EhxcohPCMA6Hc7%2BV7Rgr8SXF5GfbHda%2B7IlGCoBMk%2BBtDtWGIGJ1x1W3Ub%2BHseG8dqbYX%2F%2FGWVlqLCcXdUVBVYy2WYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 371B 		744 B
478 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704358595480&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
976aa631cb9f02a11257d41a21b38edb11c789aea77b64023b838aa5349aec91

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
459
content-type
text/html
date
Thu, 04 Jan 2024 08:56:36 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/ Frame 96BA
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D$UID
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?gdpr=0&euconsent=&uid=H7yYaLZHttzIvJpmTweNNASm
95 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?gdpr=0&euconsent=&uid=H7yYaLZHttzIvJpmTweNNASm
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704358595480&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Thu, 04 Jan 2024 08:54:59 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Thu, 04 Jan 2024 08:56:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?gdpr=0&euconsent=&uid=H7yYaLZHttzIvJpmTweNNASm
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame 96BA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=661a61ac-6bee-4892-8121-1zz1704358498
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=richaudience&user_id=tZQJM4Kg_ijSelwA1Pu20
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=&gdpr_consent=&us_ps=
95 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=&gdpr_consent=&us_ps=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704358595480&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Thu, 04 Jan 2024 08:54:59 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location
//sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=&gdpr_consent=&us_ps=
Date
Thu, 04 Jan 2024 08:56:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2tLswXKWZaP0NteijvQPk4OYyAPt8s2SdbrlrZqYEoKah5-iDhABINjV2CtgyYaAgNyjxBCgAYvliMUDyAEJ4AIAqAMByANIqgSVAk_QoBvCoiAG0D46zmdUgi1oKLulALE5ZTnVRT9Zm0mibiaBco2lbfzUobyA32M6ws-dfIR9Q4DNfAVDSfoClTXNYjL7PgbtSw1aX_JdqxYIVecAAosE2IN6hgLLIsLsmdHtJljzYb8O5SmxHXH1qfpWGcpPqv3IIF-PpdrnnivwBZz0F9sI35MjdqPRGUvEoh36uR3swQjl3nboept-MkEHO6ZDc_QCnxxJRUASOM-IAXKec4ZXkjDHRl45ZviNNjJg-jaSaOowRLjFS2XlqIAAJE9COfeuClpu9U-dsOLHfQAhZVGFL9pWw-PV5YG4_cgA5EQQr5SSsBZkjToEFeulwzxttFQ2UU9-bhlIn6c32oiD3T7ABPyoobzfAeAEAYgF8aeYtAOgBi6AB92a9zqoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDu1gvSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WP2Ku8Suw4MDmglPaHR0cHM6Ly93d3cubWlhbWlkYWRlLmdvdi9nbG9iYWwvbmV3cy1pdGVtLnBhZ2U_TWR1aWRfbmV3cz1uZXdzMTY5MjAxNjIwNjcxMTUzNIAKA8gLAdoMEQoLENDfis_L0baYggESAgED4g0TCIm3u8Suw4MDFVeRgwgdkwEGOdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi05NTE3MTg1MTA2MjgzNjgyGJjbEA&sigh=0t2PMduwuU0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_csWCtFvJGysG806yL-S9QRLJT9FvzTxHZtD4_noQSKZbyawJjPB_ON6RXpi2aD7FcmQWNqhZ7hgB&template_id=419&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 9FC8
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C2tLswXKWZaP0NteijvQPk4OYyAPt8s2SdbrlrZqYEoKah5-iDhABINjV2CtgyYaAgNyjxBCgAYvliMUDyAEJ4AIAqAMByANIqgSVAk_QoBvCoiAG0D46zmdUgi1oKLulALE5ZTnVRT9Z...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4eb282a4bea46a430000000000000000%22,%222%22:%220x8188763280b65c0d0000000000000000%22,%223%22:%220x57a715...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4eb282a4bea46a430000000000000000%22,%222%22:%220x8188763280b65c0d0000000000000000%22,%223%22:%220x57a71576560c42330000000000000000%22,%224%22:%220x47465ee25d7fbc5a0000000000000000%22,%225%22:%220x7d798568ccb896ee0000000000000000%22},%22debug_key%22:%2217993444074382109726%22,%22debug_reporting%22:true,%22destination%22:%22https://miamidade.gov%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22950153867%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223137216531657655297%22}&andc=true
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x4eb282a4bea46a430000000000000000","2":"0x8188763280b65c0d0000000000000000","3":"0x57a71576560c42330000000000000000","4":"0x47465ee25d7fbc5a0000000000000000","5":"0x7d798568ccb896ee0000000000000000"},"debug_key":"17993444074382109726","debug_reporting":true,"destination":"https://miamidade.gov","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["950153867"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"3137216531657655297"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 04 Jan 2024 08:56:36 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 04 Jan 2024 08:56:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x4eb282a4bea46a430000000000000000","2":"0x8188763280b65c0d0000000000000000","3":"0x57a71576560c42330000000000000000","4":"0x47465ee25d7fbc5a0000000000000000","5":"0x7d798568ccb896ee0000000000000000"},"debug_key":"17993444074382109726","debug_reporting":true,"destination":"https://miamidade.gov","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["950153867"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"3137216531657655297"}&andc=true
access-control-allow-origin
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame A79D 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
/
Resource Hash
24e9869020fd59a7f6418540744970cbf3f381a57858eb8859ca45ae54e7fcbc

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-charset
utf-8
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Thu, 04 Jan 2024 08:56:36 GMT
p3p
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
vary
Accept-Encoding
via
1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
x-adswizz-banner-status-code
0
x-adswizz-request-id
12e06a66-55bc-46fa-8e96-7b8b296fb665
x-amz-cf-id
iWPcmceenc7-em3ObuOU3-Rt6XYTD2fO_1-SAtC5TKbV26Hzgjtl3g==
x-amz-cf-pop
YUL62-C2
x-application-context
application:production
x-cache
Miss from cloudfront
x-clacks-overhead
GNU Terry Pratchett
cookie
sync.cootlogix.com/api/ Frame 7778
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=TAEWcTBw&gdpr=0&gdpr_consent=
  • https://sync.cootlogix.com/api/cookie?partnerId=sharthrough&userId=d47d5a5d-7b3c-413f-a3f9-885860ad57ae&gdpr=0
43 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=sharthrough&userId=d47d5a5d-7b3c-413f-a3f9-885860ad57ae&gdpr=0
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
67.205.191.172 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

location
https://sync.cootlogix.com/api/cookie?partnerId=sharthrough&userId=d47d5a5d-7b3c-413f-a3f9-885860ad57ae&gdpr=0
date
Thu, 04 Jan 2024 08:56:36 GMT
content-length
0
v3
id5-sync.com/gm/ 		735 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
0e4f12d94ee6c4be77eb7b7e64aa40fb318ca108518e3b92cf38111ac7a42925
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://duperb-shop.ngontinh24.com
date
Thu, 04 Jan 2024 08:56:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rum
id.rtb.mx/ Frame 34D2 		0
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://id.rtb.mx/rum?
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
131.153.242.59 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prebid.a-mo.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://prebid.a-mo.net
date
Thu, 4 Jan 2024 08:56:36 GMT
access-control-allow-credentials
true
112f6b9e-05be-475a-bbf1-fe1d2290bbcf
https://prebid.a-mo.net/ Frame 34D2 		187 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://prebid.a-mo.net/112f6b9e-05be-475a-bbf1-fe1d2290bbcf
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8493b6cbbada734dd291dabe105e4399431c682b0c7ef062215b83759b5cf52c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
187
Content-Type
d5435a29cdf293e25ee24dd79b71c38e.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/d5435a29cdf293e25ee24dd79b71c38e.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d47b225460565712cf74d7e590e038e05f03a098fccc984a08f482f36db4ed93
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14149
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50759
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
3b777b46c08e1ec65493c2ca556183d4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		113 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/3b777b46c08e1ec65493c2ca556183d4.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eafafb205ec50b963795ef19e4690f90c5941c2605d5d31bd4e22b0dbf27170e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14149
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
51201b723fe45875025463d96f0fc0dd.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/51201b723fe45875025463d96f0fc0dd.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
844a3c40ac0aae8539c5737af087eeb540522ca5903162f795bdfbf3e2fdb042
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14149
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5080
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
66537b12b083a80229751694740f3042.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		111 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/66537b12b083a80229751694740f3042.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7237e3abae7da99ef56185f7b2dcf53781a6e9f677ab202c221260fd3b1851f2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14149
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
8e779e187904eb5b175e6ce9d88191db.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		112 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/8e779e187904eb5b175e6ce9d88191db.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56243d82f53e3fdd390332f9a8e02c75dce0eb5351ced4bcb363f8d533b0ce0b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14149
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
ab5af3a97e63334dcc2843b37c751591.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		107 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ab5af3a97e63334dcc2843b37c751591.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40d90847b61a8a221f1698cb40a76a5fe9b81899da34ceee38053a950a5c56c5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14149
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
fa0f05aaef85b7cab633dc20f05da0f3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/fa0f05aaef85b7cab633dc20f05da0f3.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa91ed7d8104858b34338a4e403c48d99e5c18042377e69c49d30a42d8e20dbf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14149
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1495
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
3d5d43b9412abe5172dca8ed55ea8d6a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/ Frame 72DB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/media/3d5d43b9412abe5172dca8ed55ea8d6a.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0b12b6f6d70be1490bd520cd667924b0143655328476caa644be9f97ec49dd5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9335744416988852843/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 05:00:47 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 04 Jan 2024 05:00:47 GMT
x-content-type-options
nosniff
age
14149
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3533
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 6025 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 00:31:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
116729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 00:31:07 GMT
/
sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/ Frame 371B 		95 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/?uid=2b8360b7-c7a9-4f08-8189-0c8f2ed0a77a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Thu, 04 Jan 2024 08:54:59 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
sd
us-u.openx.net/w/1.0/ Frame 371B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_rJI1P-1EtDlsEXR-7Vc0fvmFIfltBDX_7OrefnZ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_rJI1P-1EtDlsEXR-7Vc0fvmFIfltBDX_7OrefnZ
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_rJI1P-1EtDlsEXR-7Vc0fvmFIfltBDX_7OrefnZ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
getuid
ads.avct.cloud/ Frame 371B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
0
0
sd
us-u.openx.net/w/1.0/ Frame 371B
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=1797288129605757534
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=1797288129605757534
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=1797288129605757534
Date
Thu, 04 Jan 2024 08:56:36 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame 371B
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=42D3FF6D47FB4FDCBA093AD588E3B0A1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=42D3FF6D47FB4FDCBA093AD588E3B0A1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 04 Jan 2024 08:56:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=42D3FF6D47FB4FDCBA093AD588E3B0A1
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 03 Jan 2024 08:56:36 GMT
35759
i6.liadm.com/s/ Frame 371B
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=c998f5d9-a84d-420f-9832-7db2890105df
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7995778992001487599
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:4627:d3aa:1545:e04b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:37 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Date
Thu, 04 Jan 2024 08:56:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
0
g.pixel
aa.agkn.com/adscores/ Frame 371B 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=d5acc923-d05b-43ef-b0f6-0d3e83515616
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-43.yul62.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 5f3758e5ae00fa64427cf258109c7a90.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
YUL62-P1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
1mcMoatflafW12DpvMi5rA6ciE7yjw7RTAJUN11ak5Io1mltoIlMzQ==
expires
0
dcm
s.amazon-adsystem.com/ Frame D89F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZZywtRGY3i0IrndgkdX3AAAC4EAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jan 2024 08:56:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VD5A3ZM28CBDV8CDA5BC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame D89F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZZywtRGY3i0IrndgkdX3AAAC4EAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbaZnnjecyFRlKuho3Eu4qw70WfI%2BLoYdSE408pqngJ98N9ccW%2BHvJ0bbbjLh8SyKjpYf4DqmxdDShycNuDn188H2XJ6wxRM8kR53D3%2F5F1zM8fb0BmZP8ubf2y730FO33lJ9pUlyOUf4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
840244ed39f89acc-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMOSRww_7D-MaP2-I62Rsdk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
35759
i6.liadm.com/s/ Frame D89F
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZZywtRGY3i0IrndgkdX3AAA%262945&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7995778992001487599
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:4627:d3aa:1545:e04b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:37 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
Date
Thu, 04 Jan 2024 08:56:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
0
crum
dsum-sec.casalemedia.com/ Frame D89F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZZywtRGY3i0IrndgkdX3AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENc_j_sxLOMK0rpztnp_Pd0&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENc_j_sxLOMK0rpztnp_Pd0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGhpgffaFVswCRwB3caedvz8eCaCWX7zB2hDLvXUIJER9xPWoWxk1yNebFBlpxnncaCd64Qcb1UpxrxSjN0XeOd%2BG3jiwQPqP6xsJW%2FXKUnekQozkyS3BRcBPszeB4M82EmIy3iIhlAVCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
840244edda809acc-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENc_j_sxLOMK0rpztnp_Pd0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixie
jelly.mdhv.io/v4/ Frame D89F
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZZZywtRGY3i0IrndgkdX3AAAC4EAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=ba29f0725862814f34312b35923b1c62&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo0447_7320177744485245177&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AAK7pU7LLOYAABZ7UayRiw&dataProviderId=817&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YmEyOWYwNzI1ODYyODE0ZjM0MzEyYjM1OTIzYjFjNjI=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEH56MCNCa070E3wYV5QnPX4&google_cver=1&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=636979850693708765&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=1wbExGEw1RljwK5&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=2211133&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f
  • https://jelly.mdhv.io/v4/pixie?
0
0
crum
dsum-sec.casalemedia.com/ Frame D89F
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3011296250024499263&gdpr=0&gdpr_consent=
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3011296250024499263&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXbLLMFRoJz%2BKpiLSYUcrpod0VLgSZlDn7mQOZHrRrUz8uHB3jP7xPmiZarX8tD%2BLpiuXGVxjWlWVcTd5xZPAzYYMKERlj4oGHdO2gJBlagjozNv0UYIclFPR5sLHTx%2FDkBj0j6WVwaHTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
840244ed6a289acc-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3011296250024499263&gdpr=0&gdpr_consent=
date
Thu, 04 Jan 2024 08:56:36 GMT
content-length
0
pixie
jelly.mdhv.io/v4/ Frame D89F
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZZZywtRGY3i0IrndgkdX3AAA%262945&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=ba29f0725862814f34312b35923b1c62&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo103e_7320177744485245712&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/ba29f0725862814f34312b35923b1c62?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-f.OrGddE2oNRQmYEkbqT9JSKgR52AtteqDSocteY~A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YmEyOWYwNzI1ODYyODE0ZjM0MzEyYjM1OTIzYjFjNjI=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEH56MCNCa070E3wYV5QnPX4&google_cver=1&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=1wbExGEw1RljwK5&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=636979850693708765&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=5368859&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f
  • https://jelly.mdhv.io/v4/pixie?
0
0
crum
dsum.casalemedia.com/ Frame D89F
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a56ca7b2-d8e8-f36d-7d9ad8fb
43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a56ca7b2-d8e8-f36d-7d9ad8fb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVBa7OsSFatdRVrNSB6w72V88ev9GPTd%2FGLKX3sgnCAOYPr6gZeCEYFkivf3yZdsJoSGGBd%2BM9clDySSDGsBfTbSIzS3zfMMhlWApd0JtrFhTkE7xT%2Fry1Bp%2BJHtENcpdMMvD1Hp"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
840244edddea74c6-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a56ca7b2-d8e8-f36d-7d9ad8fb
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
/
sync.richaudience.com/2066127a3f7c6635eb4f6cac536feb5a/ Frame D89F 		95 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/2066127a3f7c6635eb4f6cac536feb5a/?gdpr=0&euconsent=&uid=ZZZywtRGY3i0IrndgkdX3AAAC4EAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Thu, 04 Jan 2024 08:54:59 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
SPug
simage4.pubmatic.com/AdServer/ Frame 4F1D 		0
49 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
khaos.json
token.rubiconproject.com/ Frame 8A52 		7 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LQYZ3LUL-20-86GL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
khaos.json
token.rubiconproject.com/ Frame B520 		7 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LQYZ3LUL-20-86GL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
8bab65602db075726861004da5629947
Expires
0
dcl.htm
rt3070.infolinks.com/action/ 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3070.infolinks.com/action/dcl.htm?rid=6c91e231-b3ee-48e7-9a82-de090dc7af09&jsv=1914.009-3.034&capara=%7B%22error%22%3A%22ICE_HB%20was%20not%20found%20on%20window%20-%20init%20not%20fired.%22%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1914.009-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
840244ecf94b5c64-MIA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4eb282a4bea46a430000000000000000%22,%222%22:%220x8188763280b65c0d0000000000000000%22,%223%22:%220x57a71576560c42330000000000000000%22,%224%22:%220x47465ee25d7fbc5a0000000000000000%22,%225%22:%220x7d798568ccb896ee0000000000000000%22},%22debug_key%22:%2217993444074382109726%22,%22debug_reporting%22:true,%22destination%22:%22https://miamidade.gov%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22950153867%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223137216531657655297%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dcmads.js
www.googletagservices.com/dcm/ Frame 5DDA 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: blank
URL: about:blank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
sffe /
Resource Hash
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 23:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 04 Jan 2024 09:05:11 GMT
bk.gif
ewr-495.ewr-rtb1.rfihub.com/bn/ Frame 5DDA 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewr-495.ewr-rtb1.rfihub.com/bn/bk.gif?bt=1704358596178&ri=e889b4580bc6e0926659d585a2da8475&rb=43153&re=48551&ep=0.004512&rt=1739445&ai=5391309&dc=3&di=&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596178%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.38.167.154 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:36 GMT
Cache-Control
no-cache
Server
Jetty(9.4.51.v20230217)
Content-Length
42
Content-Type
image/gif
imp.js
a.rfihub.com/bn/ Frame 5DDA 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.38.167.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
b2fdc99db75de88968ebf12adbc35c86f38a01930bf5853b12e630d482fd7b68

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
application/javascript;charset=iso-8859-1
Date
Thu, 04 Jan 2024 08:56:36 GMT
Cache-Control
no-cache
Server
Jetty(9.4.51.v20230217)
Content-Length
4215
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
adview.htm
rt3070.infolinks.com/action/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3070.infolinks.com/action/adview.htm?rid=6c91e231-b3ee-48e7-9a82-de090dc7af09&bdc=1&midx=0&emd=OTk4fjE5NzAyOV9udWxsfjUzOTEzMDk&rts=1704358596648&prod_t=u&jsv=1914.009-3.034&sdata=agreement&scs=O7C7gnVN_V&rsd=FLzSloy1oZ-6N9XiHd6MYUI5jUlpEJTQi-zo0sVxE_eHM96iq5mHjmVoCmSolmNxOxZ-GCxRqDJ9Qv6bW-RvkFvyFXeMU-i5AVRRhiiS_hLd1h54tkcdnEKDD6ZqY5OC9gwo5255Nhegtx4spk6a5zNNx3i8y0AWnqQN_ooaD64&rsk=31&rcs=WFzFj-BurVeBNnKc2U0--g
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1914.009-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://duperb-shop.ngontinh24.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
840244ed2bc067d2-MIA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 72DB 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 00:31:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
116729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 00:31:07 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D2A1 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19445695&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.112 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ae46316c21d0803bf5e72de5467cae7c878426349d2f31d6d7d25b17eb5783dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 08:56:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
visitor.omnitagjs.com/visitor/ Frame 8A52
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&us_privacy=1---&khaos=LQYZ3LUL-20-86GL
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQYZ3LUL-20-86GL&name=RUBICON&gdpr=0&us_privacy=1---
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQYZ3LUL-20-86GL&name=RUBICON&gdpr=0&us_privacy=1---
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQYZ3LUL-20-86GL&name=RUBICON&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
693f17ec94b6fd0c82d03268b1ba23d6
Expires
0
fed
ups.analytics.yahoo.com/ups/58771/ Frame 34D2 		316 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58771/fed?1p=0&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58771&puid=7104abb1-a97a-4605-b391-df0f51751199
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=duperb-shop.ngontinh24.com&e=27&uid=7104abb1-a97a-4605-b391-df0f51751199
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
63a1550c22111356d62963ee1a01195d1f9c9032ea359468453cdccbbb402076
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://prebid.a-mo.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://prebid.a-mo.net
content-type
application/json
access-control-allow-credentials
true
khaos.json
token.rubiconproject.com/ Frame F176 		7 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQYZ3LUL-20-86GL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
f84b118a3f01dd6ffa744f6af941f4e8
Expires
0
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame A79D 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-76.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 15:24:35 GMT
via
1.1 144825e0e5f4523d1f7ce8c9b62cd908.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
63122
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
mJ2rfvIkebOX0wynfr3GNcPaP1vPpYpsGDS8WuJAl5xsQGPJ40xXLQ==
lg.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame A79D 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/lg.php?adData=targeted-publisher-info%3A2%3Bsynchroscript%5Ebilling%3Asynchroscript_A12%3B14%3BUSD%3B0.00000000%3Bfalse%5EtraceId%3A2ac1b221-aadf-11ee-80d9-06cdb4b4bb8b%5EAS%2Fi%3Asynchroscript%3Bad_id%3A14%3Bzone_id%3A9%3Bview_key%3A1704358596697%3Bduration%3A0%3Baf%3A0.00000000%3Btf%3A0.00000000%3Bnp%3A0.00000000%3Bgp%3A0.00000000%3Bc%3AUSD%3Bbaf%3A0.00000000%3Bbtf%3A0.00000000%3Bbnp%3A0.00000000%3Bbgp%3A0.00000000%3Bbc%3AUSD%3Bat%3A1%3Bo_id%3A0%3Bc_id%3A4%5Epchain%3A52ded3ee71b94c84%3Asynchroscript&loc=&referer=https%3A%2F%2Fsync.serverbid.com%2F&listenerId=a7d15b6955d88365d25d0be6e72b1200&sessionId=43da8b154b275e94fce5e3a1ed5f774&ip=%3A%3Affff%3A38.132.118.68&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&us_privacy=null&cbs=7489141&aw_0_req.gdpr=false&aw_0_azn.pname=%5B%22Sync+Publisher%22%5D
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
content-length
43
x-amz-cf-id
4i8y47mSuS_l9_ujKz9aTbM9J1QXBF4geJ4GzuM7IzPZ1Wt0EDAbpQ==
Rubicon
s.seedtag.com/cs/cookiesync/ Frame F176
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=LQYZ3LUL-20-86GL
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQYZ3LUL-20-86GL
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQYZ3LUL-20-86GL
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7169-9505-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQYZ3LUL-20-86GL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
deb9f124eecce7a554c70ca983265c95
Expires
0
impl_v99.js
www.googletagservices.com/dcm/ Frame 5DDA 		59 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v99.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
sffe /
Resource Hash
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 21:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23872
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 14:22:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 21:05:14 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4F1D 		692 B
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84584005&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.112 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5691bb6aabd3d9bde48b9924691d26d320ca2c310142a82fb1e2aae862970390

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 04 Jan 2024 08:56:36 GMT
content-length
692
content-type
text/html; charset=UTF-8
ImgSync
image8.pubmatic.com/AdServer/ Frame 6CA1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=636979850693708765&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:92b45752-a9f8-48a4-874d-9f7db9761957&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 04 Jan 2024 08:56:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 08:56:36 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 56B2
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_3bdf3d294de14b9bb7d1b
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bf81f3a5-f308-4ccc-bc01-d5b8d2b8e578&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 04 Jan 2024 08:56:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 08:56:37 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 2618
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mryJl5u705OBvoSSn7udkp_o1cSButGUm720zBaN
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0eca7b9d-fd2a-4810-ac57-b53b076f13ae&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 04 Jan 2024 08:56:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 08:56:36 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 4246
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
261 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZZyxAAL_FwkngBd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 04 Jan 2024 08:56:37 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760065-MIA
x-timer
S1704358597.999006,VS0,VE26

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 04 Jan 2024 08:56:36 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZZyxAAL_FwkngBd
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760065-MIA
x-timer
S1704358597.919113,VS0,VE52
Pug
simage2.pubmatic.com/AdServer/ Frame 137B
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=2b065bb2-aadf-11ee-b1df-8535da4c58cd
42 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=2b065bb2-aadf-11ee-b1df-8535da4c58cd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 04 Jan 2024 08:56:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Thu, 04 Jan 2024 08:56:37 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=2b065bb2-aadf-11ee-b1df-8535da4c58cd
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-8
ImgSync
image8.pubmatic.com/AdServer/ Frame 454F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1wbExGEw1RljwK5&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0791ffe3-7eb5-4ba0-9860-1f07d8a26f6e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 04 Jan 2024 08:56:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 03:44:07 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 5AD9
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1797288129605757534
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fd51355a-5916-4f8e-bf36-76f554706a85&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 04 Jan 2024 08:56:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 08:56:37 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame B647
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&gdp...
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=321b53aa-f48e-3bd6-8449-e16f9fb03b76&ssp=pubmatic&bsw_param=97c6f5a2-cd54-4303-8f86-b973f7a4e46c
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 08:56:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 04 Jan 2024 08:56:37 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame C8A5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3cf3fa42-c766-4657-b648-86be7ec01220&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 04 Jan 2024 08:56:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 08:56:35 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 310D
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=872560550568
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:94516e38-8654-47c7-a560-3cfb214869ea&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 04 Jan 2024 08:56:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 08:56:36 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
i.match
a.tribalfusion.com/ Frame ED56 		43 B
481 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
840244eec901259a-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 04 Jan 2024 08:56:37 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 0468 		0
0
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame 1F5C
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU88a2c345cef749f9ad89dcd7e5d07206
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
49 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Thu, 04 Jan 2024 08:56:37 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
5

Redirect headers

content-length
220
content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 08:56:37 GMT
location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pubmatic
ad.mrtnsvr.com/sync/ Frame 41E7 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame B8A9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:71a86596-72c5-4400-ab6f-fc9691e649ff&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 04 Jan 2024 08:56:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 08:56:35 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame A590
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=f52c0c08-cd50-4a1a-8fa3-bccb9d69912a&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
42 B
513 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.90.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-90-210.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:37 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 04:55:56 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 79DD
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 08:56:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 04 Jan 2024 08:56:37 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
ImgSync
image8.pubmatic.com/AdServer/ Frame 6383
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:42D3FF6D47FB4FDCBA093AD588E3B0A1&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5b53df11-b2c9-4972-ba28-9feaffe7e2c1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 04 Jan 2024 08:56:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 08:56:36 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 75D2
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=5205487822
  • https://sync.1rx.io/usersync3/mediamathtest/1508/fe546596-72c5-4900-80f4-27d38df54edb?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005
42 B
256 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 04 Jan 2024 08:56:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Thu, 04 Jan 2024 08:56:37 GMT
etag
RXd414429b91ca4e66977e78ebb86b19bc005
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
ImgSync
image8.pubmatic.com/AdServer/ Frame EE6E
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7576449971279027690&uid=Q757644997127902...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7576449971279027690
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 04 Jan 2024 08:56:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 08:56:35 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 6042
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KO08cinvDfibA54Bw3KWZQ
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 04 Jan 2024 08:56:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 08:56:36 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame C8F6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=75VtjvQJUThyUo15rWbu4SaEdkQ&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4a0be4f2-be4c-48c4-96e7-f43d2f18efa8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 04 Jan 2024 08:56:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Jan 2024 08:56:36 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
csync
sync.spotim.market/ Frame 81C9 		43 B
464 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=281178&extuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&traffic_source=snippet&session=78A324727F68D62D&sp=750078&pb=612004&c=570607&a=281178&domain=visitor.omnitagjs.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:36 GMT
Etag
25df8c62b5c6d1ae
Server
Spotim
insync
thrtle.com/ Frame D2A1
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&vxii_pid=12&vxii_pid1=10067&vxii_rcid=76c7bfb4-7976-487e-9535-c54ab5b54a28
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&vxii_pid=12&vxii_pid1=10067&vxii_rcid=76c7bfb4-7976-487e-9535-c54ab5b54a28
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
34.202.106.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-106-150.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Thu, 04 Jan 2024 08:56:37 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&vxii_pid=12&vxii_pid1=10067&vxii_rcid=76c7bfb4-7976-487e-9535-c54ab5b54a28
date
Thu, 04 Jan 2024 08:56:37 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame D2A1 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame D2A1 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.34.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-34-250.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame D2A1 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.141.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-141-6.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 04 Jan 2024 08:56:36 GMT
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame D2A1
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
date
Thu, 04 Jan 2024 08:56:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame D2A1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3718888275283899047
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
date
Thu, 04 Jan 2024 08:56:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
khaos.json
token.rubiconproject.com/ Frame 96D6 		7 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LQYZ3LUL-20-86GL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 9624 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssx3DmdpCXEr_sO3tnx8Oc6JWa6q3YNCR3-DT0_5bbSu5R9-x5NKJNLqCrOTo0s3zI90XKQPp8Q10tVph4I3oScRACz9CPr0oqlAMYcICl8qpu2KeL_vKiFebmdNgXbe9adPQvhfGdmPJiIjpAwKk_TZJSV&sai=AMfl-YSvQOabllT0ugRN41D0EShRaRkt0oELRuVI7Ucvvr8x2N9lQRi3sC46mlA9NrzcMNzL5GWp_wPgSFMCiAMYKuJ0ijwsSx8Ms3xr6gVjQdoTgjH1e9_1HERA96rH_UsUBZX3kyXBruL8H0p9MMqW&sig=Cg0ArKJSzMAKuC8Em1SaEAE&cid=CAQSTgAvHhf_KE-4XhJSDSFWKbHqY0458Kz1iLcY8gTwTN2EH0TOxJ_Y26smM6_aHerGTlp3ihNB_WbLsUIrUwxeMDYRd8G2wv2_YQSMFgzySxgB&id=lidar2&mcvt=1008&p=0,0,280,1200&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=676577707&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704358591383&rpt=4512&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ Frame 5DDA 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js?c1=8&c2=6820648&c3=1&c4=&c5=&c6=
Requested by
Host: a.rfihub.com
URL: https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-104.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 07:24:42 GMT
content-encoding
gzip
via
1.1 483c6b691461cafe6d23d15d609dc486.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
5516
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
TKM8Bgq0K0n8eeheBa-W2ovGVzsjkuNb04sG23dg3mFWGAF4bx0eoQ==
sync
pippio.com/api/ Frame 5DDA
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288129605757534&referrer=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F&forward=
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1cc7-04d2-44ee...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288129605757534&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1c...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&pid=500040&it=1&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704358597.133636&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
42 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704358597.133636&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704358597.133636&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
Date
Thu, 04 Jan 2024 08:56:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
sync
pippio.com/api/ Frame 5DDA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTc5NzI4ODEyOTYwNTc1NzUzNA==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHNQU7fl0X5HC_M8rpf7UaM&google_cver=1
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288129605757534&referrer={encSite}&forward=
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1cc7-04d2-44ee...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288129605757534&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1c...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&pid=500040&it=1&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704358597.4332464&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
42 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704358597.4332464&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704358597.4332464&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
Date
Thu, 04 Jan 2024 08:56:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
setuid
ib.adnxs.com/ Frame 5DDA 		43 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=18&code=1797288129605757534
Requested by
Host: a.rfihub.com
URL: https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
an-x-request-uuid
cfb1c921-4b0c-4073-adec-5626213eb68b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=1121&dpuuid=1797288129605757534&redir=
dpm.demdex.net/ Frame 5DDA 		42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1797288129605757534&redir=
Requested by
Host: a.rfihub.com
URL: https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.206.92.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-92-227.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-047e37864.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
uoJXzvJYRUQ=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame 5DDA
Redirect Chain
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=1797288129605757534&r=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
54.68.105.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-105-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
date
Thu, 04 Jan 2024 08:56:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 5DDA 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=1797288129605757534&r=
Requested by
Host: a.rfihub.com
URL: https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ps.eyeota.net/match/bounce/ Frame 5DDA
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=1797288129605757534&bid=omt9pi0
  • https://ps.eyeota.net/match/bounce/?uid=1797288129605757534&bid=omt9pi0
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?uid=1797288129605757534&bid=omt9pi0
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Server
54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-26-12.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:37 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?uid=1797288129605757534&bid=omt9pi0
Date
Thu, 04 Jan 2024 08:56:37 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
cksync.php
contextual.media.net/ Frame 5DDA 		57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=1797288129605757534
Requested by
Host: a.rfihub.com
URL: https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-124-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 04 Jan 2024 08:56:37 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Thu, 04 Jan 2024 08:56:37 GMT
/
bpi.rtactivate.com/tag/ Frame 5DDA 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=1797288129605757534
Requested by
Host: a.rfihub.com
URL: https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.41.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-41-244.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 5DDA 		43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1797288129605757534&forward=
Requested by
Host: a.rfihub.com
URL: https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVNqFfl0l6wc9w4Jp43Xqt8K%2FRsDDA0RZnM6WoPiMtWU9JMGNRijWhOSIYsv%2BWNC18lQrTL0fhMiaKkDZCaUcoeEzAVw9Zog9dpvH6g1x7LkNtt%2F%2B4DfSwSp%2FbRnSGvSwRB7G3aI4UcVrg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
840244efbba09acc-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
360947.gif
idsync.rlcdn.com/ Frame 5DDA 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=1797288129605757534
Requested by
Host: a.rfihub.com
URL: https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 5DDA 		43 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=1797288129605757534
Requested by
Host: a.rfihub.com
URL: https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.132.230 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-132-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 08:56:37 GMT
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif
sync
partners.tremorhub.com/ Frame 5DDA 		43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=1797288129605757534&r=ANDQu_Zo0VsL
Requested by
Host: a.rfihub.com
URL: https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:df:b383:583f:64cb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 04 Jan 2024 08:56:37 GMT
server
nginx
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame 5DDA 		43 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=1797288129605757534
Requested by
Host: a.rfihub.com
URL: https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-43.yul62.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
via
1.1 5f3758e5ae00fa64427cf258109c7a90.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
YUL62-P1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
7iqk5ezfJ2GmygkfxbKoWmhD23vDy_u_wuoIwWvnd6pHDZypUzBkqw==
expires
0
usermatch.gif
beacon.krxd.net/ Frame 5DDA 		0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1797288129605757534
Requested by
Host: a.rfihub.com
URL: https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.243.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-243-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n024-ash-prod.krxd.net
date
Thu, 04 Jan 2024 08:56:37 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1704358597
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ Frame 5DDA 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=1797288129605757534&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by
Host: a.rfihub.com
URL: https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cm
p.rfihub.com/ Frame 5DDA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZZyxAAL_FwkngBd
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZZyxAAL_FwkngBd
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Server
199.38.167.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:37 GMT
Cache-Control
no-cache
Server
Jetty(9.4.51.v20230217)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-mia-kmia1760065-MIA
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704358597.080675,VS0,VE0
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZZyxAAL_FwkngBd
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
m
secure-us.imrworldwide.com/cgi-bin/ Frame 5DDA 		44 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-rocketfuel&cg=1797288129605757534&cc=1
Requested by
Host: a.rfihub.com
URL: https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.58.246.115 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-246-115.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
pippio.com/api/ Frame 5DDA
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288129605757534&referrer=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1cc7-04d2-44ee...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288129605757534&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3De90e1c...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&pid=500040&it=1&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143%3A1704358595.7628064&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704358597.133927&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
42 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704358597.133927&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704358597.133927&iv=e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
Date
Thu, 04 Jan 2024 08:56:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
ca
choices.trustarc.com/ Frame 5DDA 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?pid=zeta01&aid=zetaglobal01&cid=101619&c=ee9211cd-20ea-4e76-9b07-58b037d40748&w=728&h=90&plc=tr
Requested by
Host: a.rfihub.com
URL: https://a.rfihub.com/bn/imp.js?bt=1704358596178&aeh=1&w=728&h=90&co=optimize%3Afalse%2CserverId%3Aewr-495%2CnewUser%3Atrue%2CscoreMicroClicks%3A0%2CscoreMicroConversions%3A0%2CuV%3A186532%2CuG%3A0%2CuE%3A0%2CuD%3A0%2Curl%3Aewr-495.ewr-rtb1.rfihub.com%2CbB%3Atrue%2Cbt%3A1704358596179%2Csej%3Afalse%2Cmt%3A1%2Cdid%3Atid_1739445%7Cmed_regular%2CisAI%3Atrue%2CisSkip%3Afalse%2CexId%3A6c91e231-b3ee-48e7-9a82-de090dc7af09%7E998%7E1%2Cuuid%3A-3%2CdiSrc%3A0%2CuR%3A9241%2Cip%3A38.132.118.68%2Cfcc%3A3%2Ctagid%3A3245929_1531_Display%2Csid%3A3245929%2Cge%3A&ep=0.004512&ri=e889b4580bc6e0926659d585a2da8475&ai=5391309&rt=1739445&re=48551&rb=43153&ra=&hl=976&sc=0&bs=1&dc=3&di=&ug=3245929_1531&ct=1704358596644&rs=&pe=about%3Ablank&pf=https%3A%2F%2Fduperb-shop.ngontinh24.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-109.yul62.r.cloudfront.net
Software
nginx /
Resource Hash
2ebc60ae25834b9bd368142c05069ed79f1dc3d7ecb2b3e4bfe57fab5490dfb8
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop
YUL62-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
max-age=3600
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
DklWAZEZsiYkRaqKBiJbchOjjFhnFFPiSwTaKylgez_wwz0eTubfGw==
expires
Thu, 04 Jan 2024 09:56:37 GMT
/
ssc-cms.33across.com/ps/ Frame 96D6
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&us_privacy=1---&khaos=LQYZ3LUL-20-86GL
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQYZ3LUL-20-86GL
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=1&xu=LQYZ3LUL-20-86GL
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP020 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Thu, 04 Jan 2024 08:56:36 GMT
server
33XP020

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ssc-cms.33across.com/ps/?xi=1&xu=LQYZ3LUL-20-86GL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
Expires
0
cookie
sync.cootlogix.com/api/ Frame 7778
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dgrid%26userId%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---?gdpr=0&gdpr_conse...
  • https://sync.cootlogix.com/api/cookie?partnerId=grid&userId=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&us_privacy=1---
43 B
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=grid&userId=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
67.205.191.172 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Location
https://sync.cootlogix.com/api/cookie?partnerId=grid&userId=97c6f5a2-cd54-4303-8f86-b973f7a4e46c&gdpr=0&gdpr_consent=&us_privacy=1---
Date
Thu, 04 Jan 2024 08:56:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ajs.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame A79D 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/ajs.php?zoneid=8&withtext=1&isDisableLogImpression=1&listenerId=a7d15b6955d88365d25d0be6e72b1200&cb=75413983484&charset=windows-1252&loc=https%3A//synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&referer=https%3A//sync.serverbid.com/
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
/
Resource Hash
cbe563bdf9f05ea8ee7c83f6c01d58bc0c54820d070ea95862c552eb3aad23d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
content-encoding
gzip
x-clacks-overhead
GNU Terry Pratchett
accept-charset
utf-8
via
1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
x-adswizz-request-id
b7d6f912-c108-45b9-aa9b-22e2a9d21fed
x-amz-cf-pop
YUL62-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
access-control-allow-origin
*
content-type
application/x-javascript
x-amz-cf-id
Z4_gg-VYgs_GqvxIR--tew8ZjduzAdPRr88k17hq86RPE8ER9_Nwwg==
x-application-context
application:production
usersync
usersync.gumgum.com/ Frame AF5C 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:37 GMT
Expires
0
Pragma
no-cache
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 4F1D 		0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
via
1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
content-length
0
x-amz-cf-id
ugbURCWim8AxS2MOGnqO_obQXLkY4_9dp0qtSjLxeyjWiPPHEDVkbQ==
x-cache
Error from cloudfront
362358.gif
idsync.rlcdn.com/ Frame 4F1D
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEY7xoe_bg4vqq5RXuXtzcU&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEY7xoe_bg4vqq5RXuXtzcU&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEY7xoe_bg4vqq5RXuXtzcU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75/gdpr=0/ Frame 4F1D 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75/gdpr=0/gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.53.47
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 4F1D 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_rx_ox-db5_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_rbd_ppt_n-baidu_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame A79D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=54
  • https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=7995778992001487599&partnerDomain=turn.com&idType=cookie
0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=7995778992001487599&partnerDomain=turn.com&idType=cookie
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
via
1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
x-clacks-overhead
GNU Terry Pratchett
x-adswizz-request-id
103e581f-6432-464e-9a72-f199c8efe099
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
x-amz-cf-id
HDpoltiNQROlI0w3fPiWcIAIZN0FE2HmcMLhRb3WQZL0_PY32S-zzA==
x-application-context
application:production

Redirect headers

location
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=7995778992001487599&partnerDomain=turn.com&idType=cookie
pragma
no-cache
date
Thu, 04 Jan 2024 08:56:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
lg.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame A79D 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/lg.php?adData=targeted-publisher-info%3A2%3Bsynchroscript%5Ebilling%3Asynchroscript_A12%3B56%3BUSD%3B0.00000000%3Bfalse%5EtraceId%3A2b0a2ccf-aadf-11ee-bae3-02bb57cef061%5EAS%2Fi%3Asynchroscript%3Bad_id%3A56%3Bzone_id%3A8%3Bview_key%3A1704358597170%3Bduration%3A0%3Baf%3A0.00000000%3Btf%3A0.00000000%3Bnp%3A0.00000000%3Bgp%3A0.00000000%3Bc%3AUSD%3Bbaf%3A0.00000000%3Bbtf%3A0.00000000%3Bbnp%3A0.00000000%3Bbgp%3A0.00000000%3Bbc%3AUSD%3Bat%3A1%3Bo_id%3A0%3Bc_id%3A22%5Epchain%3A52ded3ee71b94c84%3Asynchroscript&loc=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com%2Fwww%2Fdelivery%2Fafr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&listenerId=a7d15b6955d88365d25d0be6e72b1200&sessionId=bd9fb607ddbf4d934abb9a65bba584d&ip=%3A%3Affff%3A38.132.118.68&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&us_privacy=null&cbs=4809681&isDisableLogImpression=1&charset=windows-1252&loc=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com%2Fwww%2Fdelivery%2Fafr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&withtext=1
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
via
1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
content-length
43
x-amz-cf-id
sZVLMBShxXzm9GkZ5lAF1nh8103aWnK3y8Dyq3vwgH9_dDdSI6PcMw==
ajs.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame A79D 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/ajs.php?zoneid=8&withtext=1&cb=23529054999&charset=windows-1252&loc=https%3A//synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&referer=https%3A//sync.serverbid.com/
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
/
Resource Hash
e98f4b985a98b452d97497d31ab99bab8a470b45fded043c5ca83c328d6134dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
content-encoding
gzip
x-clacks-overhead
GNU Terry Pratchett
accept-charset
utf-8
via
1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
x-adswizz-request-id
536415c5-1e05-4ae9-a0d0-7e87ea4b2cb4
x-amz-cf-pop
YUL62-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
access-control-allow-origin
*
content-type
application/x-javascript
x-amz-cf-id
oE2qP---QbNC6ekWnYBnIgKeATSGk7FVHu4nUoBIuHKdEgnuhyvj9Q==
x-application-context
application:production
cap
choices.trustarc.com/ Frame 5DDA 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=zetaglobal01&pid=zeta01&cid=101619&w=728&h=90&c=9160
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-109.yul62.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
via
1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
YUL62-C1
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
aokYO_BUGPJ9WZmvSx_4Hh8Jihzxodcy1ikU8VvbB0CeJvXwrWA6mw==
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 04 Jan 2024 08:56:36 GMT
usync.html
eus.rubiconproject.com/ Frame 0E0E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=vidazoo&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Requested by
Host: sync.cootlogix.com
URL: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.cootlogix.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 08:56:37 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 04 Jan 2024 08:56:37 GMT
location
https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
server
AkamaiGHost
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame A79D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vf0jdc4&ttd_tpi=1
  • https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&partnerDomain=adsrvr.org&idType=cookie
0
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&partnerDomain=adsrvr.org&idType=cookie
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
via
1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
x-clacks-overhead
GNU Terry Pratchett
x-adswizz-request-id
473ac79b-2ff6-405f-891c-9cc373f98b90
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
x-amz-cf-id
um2wZZFWWhokSGQ3oIPxAeFWfgGpKRnf3ZzQ-Td8qq4xDGCHjTkdew==
x-application-context
application:production

Redirect headers

location
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerUserId=096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&partnerDomain=adsrvr.org&idType=cookie
date
Thu, 04 Jan 2024 08:56:37 GMT
server
Kestrel
content-length
321
lg.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame A79D 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/lg.php?adData=targeted-publisher-info%3A2%3Bsynchroscript%5Ebilling%3Asynchroscript_A12%3B40%3BUSD%3B0.00000000%3Bfalse%5EtraceId%3A2b33ae32-aadf-11ee-a01b-0a44bc2c6f59%5EAS%2Fi%3Asynchroscript%3Bad_id%3A40%3Bzone_id%3A8%3Bview_key%3A1704358597436%3Bduration%3A0%3Baf%3A0.00000000%3Btf%3A0.00000000%3Bnp%3A0.00000000%3Bgp%3A0.00000000%3Bc%3AUSD%3Bbaf%3A0.00000000%3Bbtf%3A0.00000000%3Bbnp%3A0.00000000%3Bbgp%3A0.00000000%3Bbc%3AUSD%3Bat%3A1%3Bo_id%3A0%3Bc_id%3A13%5Epchain%3A52ded3ee71b94c84%3Asynchroscript&loc=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com%2Fwww%2Fdelivery%2Fafr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&listenerId=a7d15b6955d88365d25d0be6e72b1200&sessionId=4cd3dbc04d4458441a55b2be8e6ee6b&ip=%3A%3Affff%3A38.132.118.68&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&us_privacy=null&cbs=6961252&charset=windows-1252&loc=https%3A%2F%2Fsynchroscript.deliveryengine.adswizz.com%2Fwww%2Fdelivery%2Fafr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&withtext=1
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:37 GMT
via
1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
content-length
43
x-amz-cf-id
mfmbtd5vnKi5Sns0ltW_v8i3JLO0Yrkstu24bBsB_ZObUFTqDyIAfQ==
usync.js
eus.rubiconproject.com/ Frame 0E0E 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 08:56:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jan 2024 04:55:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71921
Connection
keep-alive
Content-Length
13173
Expires
Fri, 05 Jan 2024 04:55:18 GMT
dcl.htm
rt3070.infolinks.com/action/ 		0
61 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3070.infolinks.com/action/dcl.htm?rid=6c91e231-b3ee-48e7-9a82-de090dc7af09&prod_t=u&sdata=agreement&bdc=1&midx=0&capara=%7B%22ve%22%3A%22mrc50%22%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1914.009-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://duperb-shop.ngontinh24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 08:56:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
840244f3ad3b5c64-MIA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie
sync.cootlogix.com/api/ Frame 7778
Redirect Chain
  • https://u.openx.net/w/1.0/cm?cc=1&id=4241c706-9fd2-4ae4-b2d7-c9f8d34e773c&ph=f4cc9fb1-057b-4e7a-b393-325ee9109574&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcoo...
  • https://sync.cootlogix.com/api/cookie?partnerId=openx&userId=3ba15838-10cc-43c8-a5be-c3b0b230705b&gdpr=0&gdpr_consent=&us_privacy=1---
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=openx&userId=3ba15838-10cc-43c8-a5be-c3b0b230705b&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
67.205.191.172 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:38 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

date
Thu, 04 Jan 2024 08:56:37 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.cootlogix.com/api/cookie?partnerId=openx&userId=3ba15838-10cc-43c8-a5be-c3b0b230705b&gdpr=0&gdpr_consent=&us_privacy=1---
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
khaos.json
token.rubiconproject.com/ Frame 0E0E 		7 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LQYZ3LUL-20-86GL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
cookie
sync.cootlogix.com/api/ Frame 0E0E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=vidazoo&us_privacy=1---&khaos=LQYZ3LUL-20-86GL
  • https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LQYZ3LUL-20-86GL&us_privacy=1---
43 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LQYZ3LUL-20-86GL&us_privacy=1---
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
67.205.191.172 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:38 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LQYZ3LUL-20-86GL&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
Expires
0
cookie
sync.cootlogix.com/api/ Frame 7778
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159988&gdpr=0&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dpubmatics2s%26userId%3D%23PMUID%26gdpr%3D...
  • https://sync.cootlogix.com/api/cookie?partnerId=pubmatics2s&userId=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=&us_privacy=1---
43 B
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=pubmatics2s&userId=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
67.205.191.172 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:38 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

location
https://sync.cootlogix.com/api/cookie?partnerId=pubmatics2s&userId=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&gdpr=0&gdpr_consent=&us_privacy=1---
date
Thu, 04 Jan 2024 08:56:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
179
content-type
text/html; charset=utf-8
get
choices.trustarc.com/ Frame 6DF6 		287 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-109.yul62.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
public
date
Tue, 05 Dec 2023 11:01:26 GMT
via
1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 03:20:37 GMT
server
nginx
x-amz-cf-pop
YUL62-C1
age
2584512
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
dbhLQNNMJ7g049meKzG7037YuzPt1bKeQsStKmP1I22qWqTwRdgB0w==
expires
Thu, 04 Jan 2024 11:01:26 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame D2A1 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookie
sync.cootlogix.com/api/ Frame 7778
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=vidazoo&us_privacy=1---&gdpr=0&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005?redir=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dunruly%26userId%3DRX-d414429b-91ca-4e66-...
  • https://sync.cootlogix.com/api/cookie?partnerId=unruly&userId=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&us_privacy=1---
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=unruly&userId=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&us_privacy=1---
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
67.205.191.172 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:39 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

location
https://sync.cootlogix.com/api/cookie?partnerId=unruly&userId=RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&us_privacy=1---
date
Thu, 04 Jan 2024 08:56:39 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd414429b91ca4e66977e78ebb86b19bc005
content-type
text/html
pubmatic
s.seedtag.com/cs/cookiesync/ Frame 127A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 04 Jan 2024 08:56:39 GMT
server
openresty
via
1.1 google
pubmatic
s.seedtag.com/cs/cookiesync/ Frame 59A1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 04 Jan 2024 08:56:39 GMT
server
openresty
via
1.1 google
usersync
x.serverbid.com/ Frame BCF1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Thu, 04 Jan 2024 08:56:38 GMT
usersync
x.serverbid.com/ Frame AE21 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Thu, 04 Jan 2024 08:56:38 GMT
match
events-ssc.33across.com/ Frame C970 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Thu, 04 Jan 2024 08:56:39 GMT
via
1.1 google
match
events-ssc.33across.com/ Frame 72AA 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Thu, 04 Jan 2024 08:56:39 GMT
via
1.1 google
cookie
sync.cootlogix.com/api/ Frame 7778
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58576/occ?gdpr=0&gdpr_consent=
  • https://sync.cootlogix.com/api/cookie?partnerId=yahoo&userId=y-JP.Vh.lE2uGvl0.zsOpjSoqbNwgMv_V7rU6qGgA-~A&gdpr=0
43 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=yahoo&userId=y-JP.Vh.lE2uGvl0.zsOpjSoqbNwgMv_V7rU6qGgA-~A&gdpr=0
Requested by
Host: duperb-shop.ngontinh24.com
URL: https://duperb-shop.ngontinh24.com/
Protocol
H2
Server
67.205.191.172 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:56:39 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

location
https://sync.cootlogix.com/api/cookie?partnerId=yahoo&userId=y-JP.Vh.lE2uGvl0.zsOpjSoqbNwgMv_V7rU6qGgA-~A&gdpr=0
date
Thu, 04 Jan 2024 08:56:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
csync
sync.spotim.market/ Frame 9B5A 		43 B
464 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=281178&extuid=EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&traffic_source=snippet&session=78A324727F68D62D&sp=750078&pb=612004&c=570607&a=281178&domain=visitor.omnitagjs.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D570607%26a%3D281178%26domain%3Dvisitor.omnitagjs.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 04 Jan 2024 08:56:39 GMT
Etag
25df8c62b5c6d1ae
Server
Spotim
envelope
lexicon.33across.com/v1/ 		42 B
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.3.0&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Jan 2024 08:56:45 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
ppid
lexicon.33across.com/v1/ 		42 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/ppid?pid=0015a0000344WLkAAM&ver=1.3.0&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ppid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://duperb-shop.ngontinh24.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Jan 2024 08:56:45 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://duperb-shop.ngontinh24.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Domain
ads.avct.cloud
URL
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
Domain
jelly.mdhv.io
URL
https://jelly.mdhv.io/v4/pixie?
Domain
jelly.mdhv.io
URL
https://jelly.mdhv.io/v4/pixie?
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

287 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| documentPictureInPicture function| gtag object| dataLayer object| $MMT string| c function| __h82AlnkH6D91__ object| adsbygoogle object| lazySizes function| onImageError object| regeneratorRuntime object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| xDomainCookie function| __p4qa8r1lb17__ string| cHViLTcxMDk4NjQyNTkzNDg5Mzg= object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZWIwYzUwOGE2ZGZkNmMyZWxvYWRlcl9qcw== string| ZWIwYzUwOGE2ZGZkNmMyZWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady function| confiantWrap object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| apstag object| ifvisible object| googletag object| _aps string| ggv2id function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| confiant boolean| apstagLOADED object| ggevents undefined| bean object| GUMGUM object| ggData object| ox_esp object| google_llp boolean| adsbygoogle_ama_fc_has_run number| SQC-2 object| plObj object| criteo_pubtag object| criteo_identitytag_146 object| Criteo object| Criteo_identitytag_146 object| signal_decrypted object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 boolean| creativeVendorLibraryLoaded object| ID5 object| __id5_instances object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| xl8img boolean| isPxlSent object| adSizes function| confiantDfpWrap object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| infolinks_pid undefined| infolinks_wsid undefined| infolinks_advtq boolean| infolinks_iframe string| infolinks_basePath object| infolinks_slots boolean| infolinks_initFromFrame boolean| iceLoadStarted function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| 0387bc3b-c317-462e-b749-b05e018f9e5e function| _typeof function| _defineProperty number| $iceId object| iqscript object| $jscomp function| getIfbip number| iqilsource function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| IntentIqObject function| PartnersWinEvent object| iiq_object_array function| _33AcrossIdMappingsProvider function| _33AcrossPpidMappingsProvider function| setImmediate function| clearImmediate object| stip object| hook object| dimObj string| adviewUrl object| googDdmPs

379 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CiIKBgiiARDyFgoGCNIBEPIWCgUIChDyFgoJCP____8HEPwW
i6.liadm.com/s Name: _li_ss
Value: CgA
.ngontinh24.com/ Name: _ga
Value: GA1.1.2035237425.1704358591
.ngontinh24.com/ Name: _ga_54725HQVMF
Value: GS1.1.1704358590.1.0.1704358590.0.0.0
duperb-shop.ngontinh24.com/ Name: session
Value: 65f682b4-6cfa-41b5-b4ca-fb3e89f95822
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: vst
Value: u_8bed7d1c-5dd7-43d8-8f1e-2e8476222813
.seedtag.com/ Name: st_uid
Value: 722da50a-be2c-4fd7-b43b-6546027bc6a6
.seedtag.com/ Name: st_ssp
Value: Y291bnRyeV9uYW1lPVVuaXRlZCBTdGF0ZXMmY291bnRyeV9pc28yPVVTJmNvdW50cnlfaXNvMz1VU0EmcmVnaW9uX25hbWU9RmxvcmlkYSZyZWdpb25faXNvMj1GTCZjaXR5X25hbWU9TWlhbWkmbG9uZ2l0dWRlPS04MC4zOTI3JmxhdGl0dWRlPTI1LjkwOTImbWV0cm89NTI4JnppcD0zMzAxOA==
.serverbid.com/ Name: CONSUMABLEID
Value: d6c96a57362a4209896a57362a820900
.go.sonobi.com/ Name: _usd_duperb-shop.ngontinh24.com
Value: 66c2712f-b06b-465c-b06d-64fa524c60a8
.go.sonobi.com/ Name: __uis
Value: 6e6e8eff-b5f9-4db9-b257-c5768bc40410
.go.sonobi.com/ Name: __uih
Value: 1
.rubiconproject.com/ Name: khaos
Value: LQYZ3LUL-20-86GL
.a-mo.net/ Name: amuid2
Value: 7104abb1-a97a-4605-b391-df0f51751199
.prebid.a-mo.net/ Name: sd_amuid2
Value: 7104abb1-a97a-4605-b391-df0f51751199
.openx.net/ Name: i
Value: 1a821604-3610-4789-8062-495c67b0f7cd|1704358591
.ngontinh24.com/ Name: lotame_domain_check
Value: ngontinh24.com
.ngontinh24.com/ Name: __gads
Value: ID=ff689ee3342bc18d:T=1704358591:RT=1704358591:S=ALNI_MZvSrC7lDcE9PzK2W6a9zOb19zA7A
.ngontinh24.com/ Name: __gpi
Value: UID=00000db0c34d1526:T=1704358591:RT=1704358591:S=ALNI_MYhJVJshTboyLXZGTfnUVrZ8N-1Yg
.yieldmo.com/ Name: yieldmo_id
Value: VEcF888LLF8ncRyQhGBf%7C1704326400000%7C3443528549445796689%7C3076949134012260636
.omnitagjs.com/ Name: ayl_visitor
Value: d5bc226a1bc13e0585575a375e2ac5e5
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 93125d590ce9f812eb9ef3c7d6019b62
.doubleclick.net/ Name: DSID
Value: NO_DATA
.ngontinh24.com/ Name: _cc_id
Value: 93125d590ce9f812eb9ef3c7d6019b62
.ngontinh24.com/ Name: panoramaId_expiry
Value: 1704444992079
.pippio.com/ Name: did
Value: q4JircZr-rkiZ6IU
.pippio.com/ Name: didts
Value: 1704358592
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CMDl2awGEgYIgr0rEAA=
.exelator.com/ Name: EE
Value: "1b78dd7b81a876b973511698475320c6"
.yahoo.com/ Name: A3
Value: d=AQABBMBylmUCEPLovHP-yfiJvS9jv10Y9GUFEgEBAQHEl2WgZQAAAAAA_eMAAA&S=AQAAAlErueRLJKQhFUtcyrglGVE
.linkedin.com/ Name: li_sugr
Value: 7031ab5d-ede3-4326-9b54-b5d185afd84b
.linkedin.com/ Name: bcookie
Value: "v=2&7b79de5a-c3ce-46fc-890d-cfd724e1855f"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3100:u=1:x=1:i=1704358592:t=1704444992:v=2:sig=AQFQUO0inFgLlKNsRipxaa8ld4qRcWe5"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEwydwiJcU8ycIw0cLcLMnS3NjU0NDM0sLE3NTYyCDZbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6otDgxUUpaQyLSopPBR%252FLvAEAXwsp2Q%253D%253D"
.adsrvr.org/ Name: TDID
Value: 096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A28WFchMFk58qiBNy99nWgo
.openx.net/ Name: univ_id
Value: 537072971|096ff5a8-509a-4ad7-9e7e-5f6dfcb42205|1704358592482049
.twitter.com/ Name: personalization_id
Value: "v1_sgh/MV9Gru94bE7g7Ht0eQ=="
.adnxs.com/ Name: uuid2
Value: 636979850693708765
.3lift.com/ Name: tluid
Value: 2470123173329690347838
.simpli.fi/ Name: suid
Value: 42D3FF6D47FB4FDCBA093AD588E3B0A1
.bidswitch.net/ Name: tuuid
Value: 97c6f5a2-cd54-4303-8f86-b973f7a4e46c
.bidswitch.net/ Name: c
Value: 1704358592
.bidswitch.net/ Name: tuuid_lu
Value: 1704358592
.smartadserver.com/ Name: pid
Value: 3011296250024499263
.sharethrough.com/ Name: stx_user_id
Value: d47d5a5d-7b3c-413f-a3f9-885860ad57ae
.doubleclick.net/ Name: IDE
Value: AHWqTUk2Y4Vl_vwhh5Vi41HfEzvR71t8qtBpU4_7WGvcRKETw0xmbdYnQPbrvLHfFn4
.imrworldwide.com/ Name: IMRID
Value: 285b8720-aadf-11ee-bd9f-0b0c946fbd0a
.mediago.io/ Name: __mguid_
Value: 746ded221a01ed952t9qag00lqyz3mox
.smaato.net/ Name: SCM
Value: 331d97c4aa
.smaato.net/ Name: SCMaps
Value: 331d97c4aa
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 7b93ded92e34d603
.contextweb.com/ Name: V
Value: pGp0OXObzqUD
.turn.com/ Name: uid
Value: 7995778992001487599
.deepintent.com/ Name: CDIUSER
Value: di_3bdf3d294de14b9bb7d1b
.prebid.a-mo.net/ Name: __amc
Value: 4_1704358591_1704358592
.zemanta.com/ Name: zuid
Value: oaPM0sJO2eiGBZGXbFb6
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ef956d8e-f409-5138-7252-8d79ad66eee1.EqkLbCY%2B08s3QUF2Eb22YzXQioMzKUuQhXa%2BwJoBT18
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ef956d8e-f409-5138-7252-8d79ad66eee1.EqkLbCY%2B08s3QUF2Eb22YzXQioMzKUuQhXa%2BwJoBT18
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A75VtjvQJUThyUo15rWbu4SaEdkQ.Ird9DESganAi2T9giD1RRWRzE8qzgZoQ4ViY%2FZ3pPww
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A75VtjvQJUThyUo15rWbu4SaEdkQ.Ird9DESganAi2T9giD1RRWRzE8qzgZoQ4ViY%2FZ3pPww
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBLD3sLUg6M-a5X3ViS-hCwz7jmcWuveS-hKgkdfcq1qEHwYBCDA5dmsBjABOgT90vuTQgRK5KDe.NouMFtkOLitGTQECQ5APG9pRw8Ja0NqLuoswLcGrbi0
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBLD3sLUg6M-a5X3ViS-hCwz7jmcWuveS-hKgkdfcq1qEHwYBCDA5dmsBjABOgT90vuTQgRK5KDe.NouMFtkOLitGTQECQ5APG9pRw8Ja0NqLuoswLcGrbi0
.ipredictive.com/ Name: cu
Value: 9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f|1704358592856
.csync.loopme.me/ Name: viewer_token
Value: c11e053f-b607-4b5d-8ab0-dc58f3d0ecd2
.adform.net/ Name: C
Value: 1
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.adform.net/ Name: uid
Value: 3718888275283899047
sync-dmp.mobtrakk.com/ Name: pid
Value: Y2VmMDEyOTdkODUwN2Q
.go.sonobi.com/ Name: HAPLB8G
Value: s8555|ZZZyx
.creativecdn.com/ Name: u
Value: 5mcPRQ0Z6MGtYXAz9iGf
.creativecdn.com/ Name: g
Value: 5mcPRQ0Z6MGtYXAz9iGf_1704358593022
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005%22%7D
.socdm.com/ Name: SOC
Value: ZZZywcCo5ukAAG3uQjIAAAAA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
.media.net/ Name: visitor-id
Value: 3473601931523688000V10
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
duperb-shop.ngontinh24.com/ Name: logglytrackingsession
Value: 1acfaba7-3536-43f1-aaa2-0ccb315c3e78
.media.net/ Name: data-g
Value: CAESEMrblUvQi8LnAtqFy6etmMU~~6
.quantserve.com/ Name: mc
Value: 659672c2-74332-33aee-3a574
.bidswitch.net/ Name: google_push
Value: AXcoOmSswvVDHOR6RAJQ-FZMl9eVNA333JmA_n0MmXim2wn8RabjVXO4AdfUa14haIBjzJG5dfBMhIsKa007k-RQ1-XtG8h7pxpH
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.infolinks.com/ Name: cuid
Value: 8d0b7f0c-bc31-4eca-a0a1-6a1e574956ed
.smaato.net/ Name: SCMg
Value: 331d97c4aa
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22C53D2D14-901A-4A1C-01CA-F292AB28C758%22%7D
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.acuityplatform.com/ Name: auid
Value: 872560550568
.inmobi.com/ Name: idsp_c
Value: 5444f631-217d-4d92-a662-0b791dc2bbba
.bidr.io/ Name: bitoIsSecure
Value: ok
.tapad.com/ Name: TapAd_TS
Value: 1704358594683
.tapad.com/ Name: TapAd_DID
Value: 3d1b2723-fc4b-48f1-9bfb-e6a6d7355385
.bidr.io/ Name: bito
Value: AAK7pU7LLOYAABZ7UayRiw
.w55c.net/ Name: wfivefivec
Value: 1wbExGEw1RljwK5
.teads.tv/ Name: tt_viewer
Value: 71df1298-743f-4e54-bb27-7356a6bb8d6c
.w55c.net/ Name: matchgoogle
Value: 5
.advertising.com/ Name: A3
Value: d=AQABBMJylmUCENxsVZIc0IZ3TREgLGDqld8FEgEBAQHEl2WgZdxH0iMA_eMAAA&S=AQAAAuesakbfF3SNi3Xs3cq88Fc
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESED_YHbpzPl2h2AzZ4FdV8O8&KRTB&23025-CAESED_YHbpzPl2h2AzZ4FdV8O8&KRTB&23386-CAESED_YHbpzPl2h2AzZ4FdV8O8
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:42D3FF6D47FB4FDCBA093AD588E3B0A1&KRTB&23486-uid:42D3FF6D47FB4FDCBA093AD588E3B0A1&KRTB&23489-uid:42D3FF6D47FB4FDCBA093AD588E3B0A1&KRTB&23539-uid:42D3FF6D47FB4FDCBA093AD588E3B0A1
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&KRTB&22918-096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&KRTB&22926-096ff5a8-509a-4ad7-9e7e-5f6dfcb42205&KRTB&23031-096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7995778992001487599&KRTB&23150-7995778992001487599&KRTB&23527-7995778992001487599
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f&KRTB&23011-9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f&KRTB&23355-9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f
.infolinks.com/ Name: OXUSERCOOKIE
Value: e2b90bcc-8c43-4ff2-9b7b-b646fb3061a5
.infolinks.com/ Name: SHTUSERCOOKIE
Value: d47d5a5d-7b3c-413f-a3f9-885860ad57ae
.infolinks.com/ Name: TPLSERCOOKIE
Value: 2470123173329690347838
.casalemedia.com/ Name: CMPS
Value: 2945
.infolinks.com/ Name: EQVSERCOOKIE
Value: 3011296250024499263
.infolinks.com/ Name: ANUSERCOOKIE
Value: 636979850693708765
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-inTcQAJE2uJrXK1z.nOxW2rmP9Kw_z7t~A
.infolinks.com/ Name: ZMNUSERCOOKIE
Value: oaPM0sJO2eiGBZGXbFb6
.ads.yieldmo.com/ Name: re_sync
Value: pp%3D1184422%7Crc%3D1184422%7Ctapad%3D1184422%7Cpub%3D1184422%7Can%3D1184422
.pxl.iqm.com/ Name: infolink
Value: MTcwNTU2ODE5NTAxMA==
.pxl.iqm.com/ Name: iqm.retarget.uid
Value: 2c6ff3ce-a40c-428a-83f4-3fb324b9cbe5
.criteo.com/ Name: uid
Value: dfd9c401-4826-49c5-a91b-134ec9897dcf
.tynt.com/ Name: uid
Value: Vz/bJWWWcsPMu3ZvalLzUQ==
.adkernel.com/ Name: DSP2F_78
Value: 420324
.adkernel.com/ Name: ADKUID
Value: A6889557712162601980
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd984cSkD72HtjNhbXcx69_OC7-Uy0QqMlCz9W5mDFijATUxEoXXqlIbW0y6JC8srMC4Q2
.casalemedia.com/ Name: CMID
Value: ZZZywtRGY3i0IrndgkdX3AAA
.casalemedia.com/ Name: CMPRO
Value: 2945
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-9hTXqVpE2uF7w27tuBIAokOn_asCwVk1~A
.media.net/ Name: data-inf
Value: setstatuscode~~41
.primis.tech/ Name: csuuid
Value: 659672c309a81
.connatix.com/ Name: cnx_userId
Value: 85cab054b41248fd8ba80e6c962169cc
.infolinks.com/ Name: IQMUS
Value: 2c6ff3ce-a40c-428a-83f4-3fb324b9cbe5
.lijit.com/ Name: _ljtrtb_80
Value: LQYZ3LUL-20-86GL
.smaato.net/ Name: SCMt
Value: 331d97c4aa
.adnxs.com/ Name: XANDR_PANID
Value: 20Z0TgFGEc1KlpvJFj3s_tXri4ouKFjP54qZpTl2VIV1h98hLtHnbyTa5U8GUEu1nk7Zu0t8yfg0mqPV3aCSrp-ZWTpWHNpyJB9EbtfXmbo.
.c.appier.net/ Name: _auid
Value: KO08cinvDfibA54Bw3KWZQ
.c.appier.net/ Name: _gu
Value: CAESECbLfoIr6Q936n8jfNjxasM
.hb.yahoo.net/ Name: visitor-id
Value: 3473601951523633000V10
.hb.yahoo.net/ Name: data-mag
Value: LQYZ3LUL-20-86GL~~63
.infolinks.com/ Name: MNETUSERCOOKIE
Value: 3473601931523688000V10
.infolinks.com/ Name: SONOBIUSERCOOKIE
Value: 6e6e8eff-b5f9-4db9-b257-c5768bc40410
.lijit.com/ Name: ljt_reader
Value: H7yYaLZHttzIvJpmTweNNASm
.cootlogix.com/ Name: vdzj1_3646a4db
Value: WxQ13JYxvlJ1uqgNxtMXsIFx4%2BXxADFGxCL2hvS0EJewNHQ1Z2SREoO0kSX38EQRNWLE9WZntORFwrA0NGVywdFyg%2FGk9bfwVCR1B%2BGRBodVpAXixUQEYELBwSfWscQll5CURCU3tJRCt7VFRaeQNEE1d3TkN7aEBCWXJSREhWehlBf2xaWk5%2FV0ZEVCseQi5uTEJdKQFFQFAqGxF9OhxUQGgEE0ICekhMczoaQVsrB0VBVnkbF35sHEJOZhNDQlMrQUx6bRoUXylVQxICKkpEKWpPQw5oHVdHVipMQXpoTEVfeAVGEFd%2BSUN6PB5BCikTWVNRfEkReGxPFVQuBxFIUXpLTXppSUdVe1dXLEtsGxs%2FNwxUVnodVxYDPgpWcCJaHx8PZFdLAS8UBy91WhEIOkNXS0V%2BWlhoPhwGHgleGwICIAxWcHtaWk4%2FQiUDDjgZFzN7QlRdZxxYUxpiWgcvKgsfAyQTT1NSKhpELj1NRUF5BE1JSi1LEi90HhUJfBxCQVZ6QUxzbUBHVSkTWVMEIRYaLzoMHwMkeBFTXWxOR308TkNYfFUQEgV2ShB%2BbEpFWiwBE0lFYlodORAeBA0nVFdLEzwNETc%3D
.infolinks.com/ Name: QCUSERCOOKIE
Value: ZtxDc2fbGXd93k52Y9tXdmOIHyB92htwZ92ZQUBk
.ads.yieldmo.com/ Name: ptrrc
Value: LQYZ3LUL-20-86GL
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJpEnXTLu5DlBMz0Bfcw0zpBnnWNP1+1LDNBBDT6B6hn6AN1EeUxBEaBu2BBBe9hNMP1+Euy+WQtEpuh19R9aW6x8y==
.bluekai.com/ Name: bku
Value: ZoW991B0kZPyszTy
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: H7yYaLZHttzIvJpmTweNNASm
.technoratimedia.com/ Name: tads_uidp_16
Value: 1547975003335
.technoratimedia.com/ Name: tads_uidp_37
Value: 85a99178-479b-3533-a785-972aa959f0f9
.technoratimedia.com/ Name: tads_uidp_44
Value: LQYY4YFH-1I-HPMB
.technoratimedia.com/ Name: tads_uidp_45
Value: A6016292-7C09-4AAF-B0D3-62E359EF2284
.technoratimedia.com/ Name: tads_uidp_46
Value: 3143445689582582454
.technoratimedia.com/ Name: tads_uidp_48
Value: d25fe073-ef08-44b5-936e-519782a87488
.technoratimedia.com/ Name: tads_uidp_49
Value: AAANCGEwEb8IgwNaw1RSAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: 99353c91-6c2f-4632-bc8c-3b1f4d9ccc36
.technoratimedia.com/ Name: tads_uidp_61
Value: 212406119660706
.technoratimedia.com/ Name: tads_uidp_62
Value: 3473585741523742000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: 3mYjRGm953R8lAaB46S0um1q0QGnOczI
.technoratimedia.com/ Name: tads_uidp_7
Value: dc5c66a5-7841-4d77-b1d1-9cf92eb48236
.technoratimedia.com/ Name: tads_uidp_70
Value: 1674043991941-957306093047-001464-009-005972
.technoratimedia.com/ Name: tads_uidp_73
Value: AAK7pU7LLOYAABZ7UayRiw
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-44de8b36-0a76-4e83-871b-5ced54f29e4f-005
.technoratimedia.com/ Name: tads_uidp_77
Value: ms5agGkz-1V4Mq5LaUdUZ-d8C52NBw8PiJjBUS_DVoA
.technoratimedia.com/ Name: tads_uidp_80
Value: y-imPb6hRE2uFZIqxqKwI8QYpkDyYTc1L5~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZZZmobeBevC4b-EMDkjrVwAA&390
.technoratimedia.com/ Name: tads_uidp_83
Value: ELWDeiSWkKiw
.technoratimedia.com/ Name: tads_uidp_88
Value: 2540677936312445344354
.technoratimedia.com/ Name: tads_uidp_90
Value: 62420b2c-93b6-4958-86ee-d0a539a95879
.technoratimedia.com/ Name: tads_uidp_91
Value: 6493335838109300398brt76151639261561881074b6
.technoratimedia.com/ Name: tads_uid
Value: 0ACA07A79B244833993E8B9798357D18
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230514043511+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1703211272902
.infolinks.com/ Name: IXUSERCOOKIE
Value: ZZZywm0kJuFq-2paTsMZ7QAA&1655
.taboola.com/ Name: t_gid
Value: 90e20f62-1c03-400c-a74c-441955609609-tuctc8ff843
.taboola.com/ Name: t_pt_gid
Value: 90e20f62-1c03-400c-a74c-441955609609-tuctc8ff843
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-d400ded6-2d9e-327e-a8ba-f5c0ce55b761
.lijit.com/ Name: _ljtrtb_27
Value: 096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
.33across.com/ Name: 33x_ps
Value: u%3D212406146400894%3As1%3D1704358595293%3Ats%3D1704358595293
.mgid.com/ Name: lmg_usr
Value: 24e02afd-9be6-4ed8-9445-99318014a9e7
.mgid.com/ Name: lmg_r
Value: 13
.intentiq.com/ Name: IQver
Value: 1.9
.infolinks.com/ Name: DISUSERCOOKIE
Value: ua-d400ded6-2d9e-327e-a8ba-f5c0ce55b761
.ads.yieldmo.com/ Name: ptran
Value: 636979850693708765
.ads.yieldmo.com/ Name: ptrpp
Value: pGp0OXObzqUD
.infolinks.com/ Name: 33AUSERCOOKIE
Value: 212406146400894
duperb-shop.ngontinh24.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22096ff5a8-509a-4ad7-9e7e-5f6dfcb42205%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-04T08%3A56%3A34%22%7D
duperb-shop.ngontinh24.com/ Name: pbjs-unifiedid_cst
Value: VyxHLMwsHQ%3D%3D
.infolinks.com/ Name: MGIDUSERCOOKIE
Value: 24e02afd-9be6-4ed8-9445-99318014a9e7
.infolinks.com/ Name: QORAUSERCOOKIE
Value: A6889557712162601980
.sitescout.com/ Name: ssi
Value: e65110dc-18c6-48ed-aea1-ecb683b2df19#1704358595406
.clickagy.com/ Name: cb
Value: ZZZyw_ZVWwS9bs1nA8HEhcKA
aorta.clickagy.com/ Name: chs
Value: [{"ch":"4","t":"2024-01-04 08:56:35"}]
.media6degrees.com/ Name: clid
Value: 2s6qbib01171fvibwpsys9n40000000104010101101
.media6degrees.com/ Name: acs
Value: 012020k1s6qbibxzt10
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAK7pU7LLOYAABZ7UayRiw
.liadm.com/ Name: lidid
Value: acb33ec3-2891-4eff-a1f7-705c73607972
.360yield.com/ Name: tuuid
Value: f501ae40-c8fe-4c1d-be07-b5ee7674725a
.360yield.com/ Name: tuuid_lu
Value: 1704358595
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAClYqgdsPlNAN7ny68AAAAAAA&KRTB&22713-AAAClYqgdsPlNAN7ny68AAAAAAA&KRTB&22715-AAAClYqgdsPlNAN7ny68AAAAAAA&KRTB&23519-AAAClYqgdsPlNAN7ny68AAAAAAA
.ads.stickyadstv.com/ Name: UID
Value: ba29f0725862814f34312b35923b1c62
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.cootlogix.com/ Name: vdzh5_c48e34a9
Value: 3YC12i86EecRGVyXFEhpFKgsMMC50Q3pwDA5TfQAFNGo0TD5%2FRAxSJ1xOMHVjTnUlXA8AfQcAZndiSGhkFA%3D%3D
.cootlogix.com/ Name: vdz_sync
Value: a06b14aa-2e2a-0451-0bbc-943f31ac57a8
.infolinks.com/ Name: FRWHUSERCOOKIE
Value: ba29f0725862814f34312b35923b1c62
.360yield.com/ Name: um
Value: !79,.bdMgGWIUFzIGJbinNckomU8wg6yfSv.QeHpLktofIpXYXfGpT8UTr5RGZ8k.KqzlY5rhJtnh8j3zery,1712134595
.360yield.com/ Name: umeh
Value: !79,0,1766566595,-1
.contextweb.com/ Name: ccpa
Value: 1---
.ads.yieldmo.com/ Name: ptrpub
Value: EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
.dotomi.com/ Name: DotomiTest
Value: 4e8f27a3fdfb05ee
.ngontinh24.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_KjmwKeOCdHRTcE17qYARysyHxaav1Fw_B2MBkMzRdYhicvabehlezQsmth9HVS31BKGDS4J-oE-euQ4CkSg-FHuyb3UnYCiQhiRXkbM5dR2j3ii9eFKjm892E4DTmuPHPDiBCajbxbYpCXdEfAAs_Cc114w%3D%3D%22%5D%5D
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0sjQzMDUHQmMTIT5DXZcUI8_04ohww8TcbAB1LAzTJQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0sjQzMDUHQmMTIT5DXZcUI8_04ohww8TcbAB1LAzTJQAAAA
.creativecdn.com/ Name: ts
Value: 1704358595
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQ
Value: fdgDXCEEHQ
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_2a212bf0-aadf-11ee-81db-125edd13ad3d
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.intentiq.com/ Name: IQPData
Value: 646215236#1704358595603#0#1704358595603
.intentiq.com/ Name: CSDT
Value: UEQ6MTUwMTlfMCZVME5teVcw
.clientgear.com/ Name: mkuuid
Value: mkc77c4c75bd6243e4b341723856fa140d
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 1797288129605757534
.mgid.com/ Name: muidn
Value: o04z1rxEQCU0
.mgid.com/ Name: __cf_bm
Value: OViDI7JkqrkWieh3PKlAzqwFuCFnQCmJwd0i3Fa7pO4-1704358595-1-Afyiy3ikZs7ywVGphsv9YXzCH/bLZi2TbmkTkOAYJzBuXGgC2qo9sD0VJS4ZG//Rhyzez1QpxZZ9svslSHHuLRA=
.colossusssp.com/ Name: gtm_usr
Value: ba8cb3b4-4c4a-4670-8cab-e43f5583917f
.colossusssp.com/ Name: lmg_r
Value: 11
.mfadsrvr.com/ Name: tuuid
Value: 4a708add-0e53-4734-a44e-5c66e044d0b5
.mfadsrvr.com/ Name: c
Value: 1704358595
.mfadsrvr.com/ Name: tuuid_lu
Value: 1704358595
.intentiq.com/ Name: intentIQCDate
Value: 1704358595772
.rezync.com/ Name: zync-uuid
Value: e90e1cc7-04d2-44ee-be9b-7d7cda730143:1704358595.7628064
beacon.lynx.cognitivlabs.com/ Name: UID
Value: f52c0c08-cd50-4a1a-8fa3-bccb9d69912a
.adkernel.com/ Name: SSPZ
Value: 202694
.adkernel.com/ Name: DSP2F_40
Value: 639242
.infolinks.com/ Name: KADUSERCOOKIE
Value: EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75~1704366371838
.infolinks.com/ Name: CONSUSERCOOKIE
Value: d6c96a57362a4209896a57362a820900
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1704358595
.adx.opera.com/ Name: UID
Value: OPU88a2c345cef749f9ad89dcd7e5d07206
cm.mgid.com/ Name: mg_sync
Value: {}
.amitydigital.io/ Name: lluid
Value: e8ada473-c67f-217f-2b24-39cc63c74461
.amitydigital.io/ Name: llum
Value: eyJhbWQiOnsiMTEiOjE3MDQzNTg1OTU4NjZ9fQ
.googleadservices.com/ Name: ar_debug
Value: 1
.infolinks.com/ Name: AMDUSERCOOKIE
Value: e8ada473-c67f-217f-2b24-39cc63c74461
.adswizz.com/ Name: OAID
Value: a7d15b6955d88365d25d0be6e72b1200
.demdex.net/ Name: demdex
Value: 05661250126780334361948498372883485275
.dpm.demdex.net/ Name: dpm
Value: 05661250126780334361948498372883485275
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1704358595193%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1704358596036%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1704358595193%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1704358596036%7D%2C%7B%22p%22%3A%221fbac30d28%22%2C%22f%22%3A1%2C%22ts%22%3A1704358596036%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1704358595193%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1704358596036%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1704358595193%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1704358595193%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1704358596036%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1704358595193%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1704358596036%7D%5D
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxRWVozTFVMLTIwLTg2R0wiLCJleHBpcmVzIjoiMjAyNC0wNC0wM1QwODo1NjozNFoifSwiYW14Ijp7InVpZCI6IjcxMDRhYmIxLWE5N2EtNDYwNS1iMzkxLWRmMGY1MTc1MTE5OSIsImV4cGlyZXMiOiIyMDI0LTA0LTAzVDA4OjU2OjM2WiJ9fSwiYmlydGhkYXkiOiIyMDI0LTAxLTA0VDA4OjU2OjM0WiJ9
.richaudience.com/ Name: pdid
Value: 661a61ac-6bee-4892-8121-1zz1704358498
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!104-2!104-3!104
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.spotim.market/ Name: vmuid
Value: 25df8c62b5c6d1ae
.postrelease.com/ Name: visitor
Value: d43f5c03-b56a-48c4-be6b-bb4923127fef
.postrelease.com/ Name: status
Value: 1
.infolinks.com/ Name: TAUSERCOOKIE
Value: 3d1b2723-fc4b-48f1-9bfb-e6a6d7355385
.infolinks.com/ Name: 152USERCOOKIE
Value: A6889557712162601980
.yellowblue.io/ Name: wrvUserID
Value: w2Qr7xg-kp_s
.mxptint.net/ Name: mxpim
Value: R33645_10EC0C0F3_CD011995.1.659672C300000000659672C4
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNzEwNGFiYjEtYTk3YS00NjA1LWIzOTEtZGYwZjUxNzUxMTk5IiwiZXhwaXJlcyI6IjIwMjQtMDEtMThUMDg6NTY6MzYuMTc1OTU2MDcyWiJ9fX0=
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1oxf|4is.0.CAESEGs0s9yzGlsTeFcLW-o4jdI|7TY.0|7TZ.0.1|2N.0.AAABcSc2fYNPzgNdzP8bAAAAAAA|7GB.0.1|3oy.0|7dN.0.AAK7pU7LLOYAABZ7UayRiw|8o4.0.1
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.richaudience.com/ Name: raibs
Value: 1
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 97c3dfbc-1351-5304-b931-afcfdca7dd0b
.betweendigital.com/ Name: ss
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33645_10EC0C0F3_CD011995&KRTB&23092-R33645_10EC0C0F3_CD011995
.betweendigital.com/ Name: ut
Value: ZZZyxAAEzngIkpLbmTpyMMSD6ab4931kUVuYFQ==
.cootlogix.com/ Name: vdzh5_7c6778a6
Value: wtf13ULL89KaReXxulLm4hXV0iADwALFpPTmZ4ewsPe1BrVmlNR19jdHQICXs3Y1V6BQ%3D%3D
.a-mx.com/ Name: amdt_t
Value: p::1704358596389
.a-mx.com/ Name: amuid2
Value: 7104abb1-a97a-4605-b391-df0f51751199
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.adotmob.com/ Name: uid
Value: 09ff220400ac3a23ca72f859
.adotmob.com/ Name: uuid
Value: 09ff220400ac3a23ca72f859
.adotmob.com/ Name: partners
Value: SMA%3A1704358596433
.prebid.a-mo.net/ Name: _sv3_14
Value: 1
.openx.net/ Name: pd
Value: v2|1704358592.3.1|iKbwvPvMgahEgKkWg2gy.wvmmuYwDwtvJeSwrf8wI.g6fYmKvuvRwi
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6IjcxMDRhYmIxLWE5N2EtNDYwNS1iMzkxLWRmMGY1MTc1MTE5OSIsImV4cGlyZXMiOiIyMDI0LTAxLTE4VDA4OjU2OjM2LjU0NDU2NzI2M1oifSwicnViaWNvbiI6eyJ1aWQiOiJMUVlaM0xVTC0yMC04NkdMIiwiZXhwaXJlcyI6IjIwMjQtMDEtMThUMDg6NTY6MzYuNTQ0MjQ0MzQzWiJ9fX0=
.smartadserver.com/ Name: csync
Value: 66:09ff220400ac3a23ca72f859|75:096ff5a8-509a-4ad7-9e7e-5f6dfcb42205|92:pGp0OXObzqUD|116:oaPM0sJO2eiGBZGXbFb6|127:AAK7pU7LLOYAABZ7UayRiw
.cootlogix.com/ Name: vdzh5_25af1e82
Value: jWt13Ge8t5QdvtbjOOPEdLHFQjEB4GDR8oJ2VfGhABZgBDFVcOYnglVltZAWBXEFkDWSl2al0AQQ1nVBcQV10uKmUY
.a-mo.net/ Name: amdt_t
Value: h::1704358596595
.id5-sync.com/ Name: id5
Value: 781ac3ea-693d-710f-96bd-4dfc922ddb81#1704358594365#5
.lijit.com/ Name: ljtrtb
Value: eJyrVjIyV7JSMrA0S0szTbTQNTWwTNQ1SUwx17VMNU%2FVNU0zS0lLTjIxMjIwVdJRsjAAqvUJjIwy9gn10TUy0LUwc%2FdRqgUAYF8RWg%3D%3D
.lijit.com/ Name: _ljtrtb_92
Value: 636979850693708765
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZZZywtRGY3i0IrndgkdX3AAA&2945
.richaudience.com/ Name: avcid-sov-uid
Value: H7yYaLZHttzIvJpmTweNNASm
.rtb.mx/ Name: amdt_t
Value: g::1704358596692
.rtb.mx/ Name: amuid2
Value: 9573b7f9-d2d3-4fa4-ada7-f1049d8b2903
.brand-display.com/ Name: _knxq_
Value: a56ca7b2-d8e8-f36d-7d9ad8fb.1704358596.0.1704358596.1704358596
.richaudience.com/ Name: avcid-opx-uid
Value: 2b8360b7-c7a9-4f08-8189-0c8f2ed0a77a
.spotim.market/ Name: a482928
Value: f0f0a692-2608-4b97-b138-41a182cc06bd
.server.cpmstar.com/ Name: USER_ID
Value: %b5%94%093%82%a0%fe(%d2z%5c%00%d4%fb%b6
.richaudience.com/ Name: avcid-inx-uid
Value: ZZZywtRGY3i0IrndgkdX3AAAC4EAAAIB
.id5-sync.com/ Name: 3pi
Value: 434#1704358595258#1482773641|2#1704358595475#1662188758#636979850693708765|441#1704358595053#1966593235#u_ef05a4f4-ea21-4132-8f9b-509d7f0f4b21|203#1704358596515#1853262473#dfd9c401-4826-49c5-a91b-134ec9897dcf|124#1704358595658#111964618|796#1704358596262#1420965992|1246#1704358596728#-285641055
.rfihub.com/ Name: ub
Value: H4sIAAAAAAAA_-OKT3R01S2qMDFOt7V19EgxtDQ3MLJ0dDJ0dHR0yvLzLw_1MQGKJ2MXd8rAEElHEwEA1ZD_fmEAAAA
.admixer.net/ Name: am-uid
Value: 196a60dc5be448d19d2517c4d452c5f6
.agkn.com/ Name: ab
Value: 0001%3A1fn%2FyHzECZW7hXbR0d7DKA1FBnJplq0t
.pubmatic.com/ Name: DPSync3
Value: 1704412800%3A255_248%7C1705536000%3A260_259_201_262_261_258_263_256%7C1704931200%3A265%7C1705363200%3A257
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240104%22%2C%22141%22%3A%2220240104%22%7D
.w55c.net/ Name: matchpubmatic
Value: 5
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRjR2BEKEmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUY0dgRChI90aGlyZFBhcnR5VXNlcklkWkNBRVNFRXBEMXJOS3J5NC1VZEgzSmdwNFpnc/uANvpCzEMlAUY0dgUKmkQlAUY0dgUKmkUh+/uGdmVyc2lvbsL7
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwNDM1ODU5Njk1OCwiMTciOjE3MDQzNTg1OTU0NTIsIjM5IjoxNzA0MzU4NTk2NDAzLCI3IjoxNzA0MzU4NTk2NDAzfQ
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZZyxAAL_FwkngBd
.spotim.market/ Name: a281178
Value: EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
.quantserve.com/ Name: d
Value: EAoBGwHpKoEO-TCJiTC7_fIA
.tribalfusion.com/ Name: ANON_ID
Value: aRnw7TPME7eQmKvCjSxrbF0FY8BUneRVjQK4fd1HblHdJZd2vVjWBllgOJc4U9IUTvE5FOHwunXkdkDtQ2sGIuwhd4cy3BYVbfZdQZaZaQu01eEhuqYFo9PreCqXCPWv
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7576449971279027690P
.owneriq.net/ Name: pmc
Value: 1
.richaudience.com/ Name: avcid-bsw-uid
Value: 97c6f5a2-cd54-4303-8f86-b973f7a4e46c
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_3bdf3d294de14b9bb7d1b
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:1wbExGEw1RljwK5&KRTB&23421-uid:1wbExGEw1RljwK5
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-636979850693708765&KRTB&23339-636979850693708765
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-872560550568&KRTB&23428-872560550568
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1797288129605757534
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-f52c0c08-cd50-4a1a-8fa3-bccb9d69912a&KRTB&23340-f52c0c08-cd50-4a1a-8fa3-bccb9d69912a&KRTB&23498-f52c0c08-cd50-4a1a-8fa3-bccb9d69912a
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-75VtjvQJUThyUo15rWbu4SaEdkQ&KRTB&23334-75VtjvQJUThyUo15rWbu4SaEdkQ&KRTB&23417-75VtjvQJUThyUo15rWbu4SaEdkQ&KRTB&23426-75VtjvQJUThyUo15rWbu4SaEdkQ
.kargo.com/ Name: ktcid
Value: e552349b-cac0-0493-5526-7fb12942ae80
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-mryJl5u705OBvoSSn7udkp_o1cSButGUm720zBaN&KRTB&19420-mryJl5u705OBvoSSn7udkp_o1cSButGUm720zBaN&KRTB&22979-mryJl5u705OBvoSSn7udkp_o1cSButGUm720zBaN&KRTB&23462-mryJl5u705OBvoSSn7udkp_o1cSButGUm720zBaN
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1704380197106
beacon.lynx.cognitivlabs.com/ Name: ss
Value: WTA7xJZen9L%2FMxkVD4Xr92Ju5di%2Fb%2BIxDYxWygmn0p56H0oJUlg3QREXVPGk1dEbY6dfPTgzn6RGYZfDmpJHUyugoExuJLKflLmNialr%2BmU%3D
.adnxs.com/ Name: anj
Value: dTM7k!M40*d<-p'ghqdmU(5=ytbH[-!]tbM.TOKQ9YfZ8=E'ZLigQuadY0FTgjZcN$eZSbRby1jP2!:GN3FPk<[L2H<?c)Y0WV@zkM/3AkBu82dXcm.n#2>RSyp!O:RotM)qzdITNo:F9jy1)t3hoyXSKI)el5Do1?=!$ZQA94P8+#`!d7F'QEVk`!40B.]X2B%
.rlcdn.com/ Name: rlas3
Value: 8ZMsMoKwaZGD/mMMTtcbhv/eNnQsZQLG1VASF0s417w=
.bfmio.com/ Name: __187_cid
Value: EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75
.bfmio.com/ Name: __io_cid
Value: 42344cc089d95d28d73385af2ef4d57a6da16927
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU88a2c345cef749f9ad89dcd7e5d07206&KRTB&23485-OPU88a2c345cef749f9ad89dcd7e5d07206&KRTB&23524-OPU88a2c345cef749f9ad89dcd7e5d07206
.thrtle.com/ Name: mc
Value: eyJpZCI6Ijc2YzdiZmI0LTc5NzYtNDg3ZS05NTM1LWM1NGFiNWI1NGEyOCIsImwiOjE3MDQzNTg1OTcxMTMsInQiOjF9
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553&KRTB&23418-e65110dc-18c6-48ed-aea1-ecb683b2df19-659672c3-5553
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3718888275283899047&KRTB&23263-3718888275283899047&KRTB&23481-3718888275283899047
.adgrx.com/ Name: ADGRX_UID
Value: 2b065bb2-aadf-11ee-b1df-8535da4c58cd
.pubmatic.com/ Name: SyncRTB3
Value: 1705536000%3A46_81_13_104_71_240_55_54_234_178_5_3_254_220_7_99_8_56_264_48_165_22_176_233_250_166_21_249_96_231%7C1704931200%3A2_223_38_15%7C1709510400%3A69%7C1706918400%3A224%7C1705622400%3A35%7C1705190400%3A63
.mathtag.com/ Name: uuid
Value: fe546596-72c5-4900-80f4-27d38df54edb
.aralego.com/ Name: sspid
Value: 321b53aa-f48e-3bd6-8449-e16f9fb03b76
.rlcdn.com/ Name: pxrc
Value: CMDl2awGEgUI6AcQABIFCOhHEAASBgi66gEQBRIGCLjrARAAEgYIlqwrEAASBgiQvCsQAg==
.media.net/ Name: data-rk
Value: 1797288129605757534~~3
.cootlogix.com/ Name: vdzh5_af871a91
Value: V0812WQNhA4MAqGGJLHMpGihQb3tTfnApYTd7CXMZLiVEc2p%2BZGF9RXlSdXdcJX59ZDd5CXVReXcSZTo%3D
live.rezync.com/ Name: sd-session-id
Value: .eJwNjEEOgyAQAP-yZzELLCzwGaOwB9JKG9FLTf8umdMkk7lh-cqxr03aCek8Lpkgv-uwDumGXn-7vCCB5sgmBG2iR8cDS_CfoEvv9dOWWkYjEUXnzAqpGEUkojaJm-LCuaxsUZNNmpGsCy66mb0J6MfnAcjoJg4.ZZZyxQ.Wdk847RUP-VnQ5D3XJctuoZBN2E
.krxd.net/ Name: _kuid_
Value: QA-gZeaV
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:71a86596-72c5-4400-ab6f-fc9691e649ff
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005%22%2C%22nxtrdr%22%3Afalse%7D
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129fALDDVPyzGIMPVwjve1KCpIMw9N9G1iMU-1NEg1TE421zUwSTHSNTFJTdVNSrVM0jVPMU9OSTQ3NjA0MbYyNDcwMTa1MLU01TM3M7IwMDMBADPKkjhYAAAA
pixel-eu.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-97c6f5a2-cd54-4303-8f86-b973f7a4e46c
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-2b065bb2-aadf-11ee-b1df-8535da4c58cd&KRTB&23275-2b065bb2-aadf-11ee-b1df-8535da4c58cd
.eyeota.net/ Name: mako_uid
Value: 18cd3b052c8-59730000010a52ca
.eyeota.net/ Name: SERVERID
Value: 21194~DM
.fwmrm.net/ Name: _uid
Value: umo103e_7320177744485245712
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005&KRTB&17107-RX-d414429b-91ca-4e66-977e-78ebb86b19bc-005
.pubmatic.com/ Name: PugT
Value: 1704358596
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umo103e_7320177744485245712
.ads.stickyadstv.com/ Name: MRM_UID
Value: umo103e_7320177744485245712
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13OLQ7CQBAF4EDAQFAVGK6wZPZ3ujjSNKkpCZAmONKfrUIQjoKsrERW9ggcAYnkCCgcbUd-mXl5b7biwTY8htFun2B5gZOOgnPs364lJml8WHAEJbWvLQoU1aizQWubvq3iLbk_iT_EX-L7eOia-EHcELf0fzL0q2cEK5opyc_JHg-dBcfzHBmoQjClnGOZsxnDAvMiRQlcyc0_pNdohA9GVV6vSUtVD63fHlm67KwNiB-2dQUslwEAAA
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAK7pU7LLOYAABZ7UayRiw
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-f.OrGddE2oNRQmYEkbqT9JSKgR52AtteqDSocteY~A
.adsby.bidtheatre.com/ Name: __kuid
Value: 0eca7b9d-fd2a-4810-ac57-b53b076f13ae.473572597
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIstC1zqLDxjwQBRIWCgdydWJpY29uEgsIoLmI3qLDxjwQBRIVCgZnb29nbGUSCwjEjcjfosPGPBAFEhcKCHB1Ym1hdGljEgsI2PaW4KLDxjwQBRIUCgV0YXBhZBILCKD-h-Oiw8Y8EAUSFQoGY2FzYWxlEgsIhOi-5aLDxjwQBRIZCgpsaXZlaW50ZW50EgsIjvu4-KLDxjwQBRgBIAEoAjILCMbw3qq5w8Y8EAU4AVoJc3RpY2t5YWRzYAI.
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-KO08cinvDfibA54Bw3KWZQ
.ads.stickyadstv.com/ Name: uid-bp-892
Value: 096ff5a8-509a-4ad7-9e7e-5f6dfcb42205
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEH56MCNCa070E3wYV5QnPX4
.w55c.net/ Name: matchfreewheel
Value: 5
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: 1wbExGEw1RljwK5
.cootlogix.com/ Name: vdzh5_6f2fa2a3
Value: vrS12JSJUex0TJUh8MXElJQAWSHZwd1taK2J%2FbVZAHWV6NgsVfmApbUgZBTYveAsLKGMoZ1ZIB2R%2FN0pF
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 636979850693708765
.ads.stickyadstv.com/ Name: uid-bp-25746
Value: 9e176c2d-048e-4ba4-8ee7-e60ff72a7e5f
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcKtfbK2QKGk1KS5Bv7H1ouoxdnNVF8ci14/ybvdeqGenoNrhraxtpGXGcjOAZnIEsdSbJNFE9d254QX1LUiAazocpj76PKZXj+nWXhLUcm2dCbZ5MKU9qTaTc5gaaihuXs=
.cootlogix.com/ Name: vdzh5_62eab693
Value: xni11e4oCIUUadk0HhYdNis8Ng4KSQpHeD4aE2YZNChGAlUZV3UOGXcc
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 15
.cootlogix.com/ Name: vdzh5_97957c70
Value: ep611RKpFsioxLWNKWkAMxEEDgwlND1gOFJ8USwuTQ9ufWN4XQdALS5VeBUPE2Yxc0RQQk55EXkXfzFxMC9YTW4q
.pubmatic.com/ Name: SPugT
Value: 1704358598
.cootlogix.com/ Name: vdzh5_035681e8
Value: fCd11IQE8jziRSSnMnMwVhgPBStxaUwbCWhcXktdZmFqDGRodFsLV103ZWVDcGZyXUdNUTcxMVZ%2FM3QBCBlEYmNmTDQ%3D
.seedtag.com/ Name: st_cs
Value: +/NKH0sfiRzz91oLXVjqWiC/BhsBuhKtrzWqKThsYDEC5p6xtWg32l1asutSUbPZNSwxprcfMDHb0pzCmoJmx/ezEm+utM4+MU7ADGGHMvCBaOLkpxqrllHi59DaZ9tkpYJc6DVi8kZafhasF/+37sPIF1B+nvfKpw5qnw7DYjooj9dvsdjAVVDJnBTqHgLoqzeC/0OjyGR/pCi/89boF0roICT0ZY2VnPGWTFjELhgUDUv55J4DMKveVYyXzuWnJTl0tWmBjR7k61F6IE/CN3oHo2fLNR0F9AC4XimgN6lCK6J0J9xF66n+DmCIis3PzaLoHGYfrFFFShPfrrpo/MphYTl5uZohlpw3i7tnIjj8L2bCLqbpj0pVzWgXj4gz6ettTE3dPyGtRCy1s2Po3bGSREPIvJlDpCcqBwwhx8jLvT1bq4SPzmoVJiIxQ7Ev3qNO6l6iKIjwTBfpcH+v8yCOZ8kActf+B2ZZ1f+jAdrF2p3wTcelqIs6LEIFR3tkn8t+Td+0quEcNpdVMoQMMXmHCRIKr1JkuMgfFZXODNi70I4q175ve0aAuJ+mRtK48FpjJAPexjWYtVN+qnaKulvbarHIraAesaksVUz7l7cIKvH51obV+9D264D0B8z5vWaU8pdbyJ4yEw07+tQd9xg0k4QvUh+trM+i7n/AKtZWmi40AzGKAVhwxvVGK3WGGIwMQAw0ad0mn3vjmYgloPXacVTqGGa0+5z2LGiZovpTkjsnDB75XM+WGq1eYzyY1ofmV/PG1hIrLTRXaOkTu8pMLju1xLACSQSx4IUoeaD7ypbxKDpLbPaZ3rx1DwzvndnBreubAriZMVZfR7GcARZKkyGqFCysqMCDTrbZ3L+jn5msuSH7Y8nCaYD36xIgXefcqVREs/BUOKW1epZo71mfB0SaNZYPSXOt60NKHhQ=
.seedtag.com/ Name: st_csd
Value: 1704358599279:1704358599279
.analytics.yahoo.com/ Name: IDSYNC
Value: "18za~2fzk:18z8~2fzk:18vk~2fzk:19e0~2fzk:18xp~2fzk:175w~2fzk:190u~2fzk:196y~2fzk:1974~2fzk"
.cootlogix.com/ Name: vdzh5_866c8a43
Value: 0L912IFaj5NWQDiAUMmQYC10hOHN%2BSzh4AxZPPF1gOxR2HAYjJXZPEEYBJzsXBjA3BzEGJ0MRAWY2PHckDiEgR0sPdSw%3D
.cootlogix.com/ Name: vdzh5_11f967df
Value: JLy135VuQSy0xrqdEkTnQAIjYLeRxQS0Z0CFYwEGg3HR1MExRSaAlRY0R8YEtUSF8SXH1eUTMQYDBBU09QDA%3D%3D

94 Console Messages

Source Level URL
Text
javascript error URL: https://duperb-shop.ngontinh24.com/
Message:
Access to fetch at 'https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1' from origin 'https://duperb-shop.ngontinh24.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://duperb-shop.ngontinh24.com/
Message:
Access to fetch at 'https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1' from origin 'https://duperb-shop.ngontinh24.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://js.gumgum.com/services.js(Line 10)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://duperb-shop.ngontinh24.com/
Message:
Access to fetch at 'https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1' from origin 'https://duperb-shop.ngontinh24.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://stags.bluekai.com/site/15333?id=u_8bed7d1c-5dd7-43d8-8f1e-2e8476222813
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://mts0.google.com/vt/data=jGNDyV4XjQh0ybupqCN1sK9KxKc8PiO2RrQTWHSApT4xmC5t_fAO068t6uT8VDXj8O2kSP2xGWoiMqHVceQmcQ
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20EA5C9313-A3DA-4BAA-A579-65F7E4A7CF75&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://monu.delivery').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://google-bidout-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.amazon-adsystem.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://router.infolinks.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://bloggernetwork-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs.seedtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.yieldmo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://contextual.media.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.cootlogix.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.serverbid.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://resources.infolinks.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://monu.delivery').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://google-bidout-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.amazon-adsystem.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://router.infolinks.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://bloggernetwork-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs.seedtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.yieldmo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://contextual.media.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.cootlogix.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.serverbid.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://resources.infolinks.com').
network error URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D78A324727F68D62D%26sp%3D750078%26pb%3D612004%26c%3D649285%26a%3D644680%26domain%3Dvisitor.omnitagjs.com&gdpr=0&gdpr_consent={gdpr_consent}
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
network error URL: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://id5-sync.com/k/155.gif?puid=AAK7pU7LLOYAABZ7UayRiw&id5AccountNum=155&numCascadesAllowed=9
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=duperb-shop.ngontinh24.com&e=27&uid=7104abb1-a97a-4605-b391-df0f51751199(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://duperb-shop.ngontinh24.com').
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 103)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
deprecation warning URL: https://choices.trustarc.com/ca?pid=zeta01&aid=zetaglobal01&cid=101619&c=ee9211cd-20ea-4e76-9b07-58b037d40748&w=728&h=90&plc=tr(Line 394)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

168f9a2cbb9c6aa5a27b20d8cd771a02.safeframe.googlesyndication.com
33across-match.dotomi.com
a.c.appier.net
a.rfihub.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
ads.us.criteo.com
ads.yieldmo.com
aep.mxptint.net
aid.send.microad.jp
analytics.pangle-ads.com
analytics.twitter.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api-2-0.spot.im
api.btloader.com
api.id5-sync.com
api.intentiq.com
assets.a-mo.net
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bloggernetwork-d.openx.net
bpi.rtactivate.com
btloader.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c3.a-mo.net
capi.connatix.com
cdn-ima.33across.com
cdn.adswizz.com
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mediago.io
cdn.prod.uidapi.com
ce.lijit.com
ced-ns.sascdn.com
choices.trustarc.com
client.aps.amazon-adsystem.com
cm-supply-web.gammaplatform.com
cm-x.mgid.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
config.aps.amazon-adsystem.com
contextual.media.net
crb.kargo.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.media.net
cs.minutemedia-prebid.com
cs.seedtag.com
csi.gstatic.com
csync.loopme.me
csync.smartadserver.com
d.turn.com
dclk-match.dotomi.com
de.tynt.com
delivery-cdn-cf.adswizz.com
dis.criteo.com
dis.eu.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
duperb-shop.ngontinh24.com
duperb.shop
e.serverbid.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
event.clientgear.com
events-ssc.33across.com
ewr-495.ewr-rtb1.rfihub.com
exchange.mediavine.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gtrace.mediago.io
hb-api.omnitagjs.com
hb.minutemedia-prebid.com
hb.yahoo.net
hblg.media.net
hbopenbid.pubmatic.com
hde.tynt.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.rlcdn.com
id.rtb.mx
id5-sync.com
idpix.media6degrees.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.mediago.io
imasdk.googleapis.com
imps.monu.delivery
inv-nets.admixer.net
invstatic101.creativecdn.com
jadserve.postrelease.com
jelly.mdhv.io
js.gumgum.com
lb.eu-1-id5-sync.com
lexicon.33across.com
lg3.media.net
live.primis.tech
live.rezync.com
load.exelator.com
loadus.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
monu.delivery
monumetric.technoratimedia.com
mts0.google.com
mweb.ck.inmobi.com
nmcsync.imrworldwide.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
ow.pubmatic.com
p.rfihub.com
pagead2.googlesyndication.com
partners.tremorhub.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.cootlogix.com
prebid.media.net
protected-by.clarium.io
ps.eyeota.net
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
pxl.iqm.com
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
resources.infolinks.com
router.infolinks.com
rt3070.infolinks.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.seedtag.com
s.spotim.market
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure-gl.imrworldwide.com
secure-us.imrworldwide.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-dmp.mobtrakk.com
sync-pm.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.aralego.com
sync.bfmio.com
sync.colossusssp.com
sync.cootlogix.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.serverbid.com
sync.smartadserver.com
sync.spotim.market
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync1.intentiq.com
synchrobox.adswizz.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
tags.crwdcntrl.net
tg.socdm.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
tracker.exchange.amitydigital.io
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usersync.gumgum.com
visitor-us-west-2.omnitagjs.com
visitor.omnitagjs.com
warp.media.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.dlx.addthis.com
x.serverbid.com
ad.mrtnsvr.com
ads.avct.cloud
btlr.sharethrough.com
cm-supply-web.gammaplatform.com
jelly.mdhv.io
sync-tm.everesttech.net
104.16.112.121
104.18.36.155
104.18.41.104
104.244.42.3
104.36.113.107
104.36.113.111
104.36.113.112
104.36.115.111
104.36.115.123
107.178.254.65
107.21.19.202
107.23.135.200
13.225.195.104
13.225.195.109
13.225.195.65
13.225.195.72
13.225.195.75
13.58.246.115
130.211.23.194
131.153.172.94
131.153.203.243
131.153.242.59
134.122.57.34
139.162.84.221
141.226.124.48
141.95.98.65
142.251.16.156
147.135.71.152
147.182.176.100
147.28.129.140
151.101.130.49
159.89.246.130
162.19.138.117
162.19.138.118
162.248.18.32
168.119.72.236
169.197.150.8
172.105.221.240
172.240.155.116
172.253.122.156
172.253.63.148
172.253.63.154
172.64.152.89
172.66.41.9
173.231.178.116
174.137.133.32
178.250.1.9
18.215.90.210
184.25.43.188
184.26.74.213
184.84.136.23
185.167.164.43
185.184.8.90
192.132.33.67
192.96.203.13
198.148.27.131
199.38.167.131
199.38.167.154
20.127.253.7
20.253.86.149
202.233.84.1
207.198.113.87
211.120.53.202
213.19.162.90
216.200.232.253
216.22.16.52
216.22.16.57
23.105.12.136
23.108.102.14
23.193.120.208
23.205.106.182
23.21.51.122
23.220.132.230
23.222.5.87
23.227.146.18
23.40.207.41
23.40.207.64
23.50.124.22
23.50.125.215
23.50.125.47
23.92.190.68
23.92.190.69
2600:1408:c400:6b::17db:9a0a
2600:1408:c400:6b::17db:9a12
2600:1f18:4e9:5a05:6096:7d74:cf85:e5f3
2600:1f18:612b:4264:df:b383:583f:64cb
2600:1f18:765:4800:7681:18d0:4c60:ba77
2600:1f18:ed:550e:4627:d3aa:1545:e04b
2600:1f1c:a99:832c:cd3f:57:d0bc:dbb2
2600:3c00:1::2d4f:f28f
2600:9000:215f:3e00:1b:fdeb:7440:93a1
2600:9000:215f:4a00:6:44e3:f8c0:93a1
2600:9000:215f:a000:1b:5138:8a40:93a1
2600:9000:215f:d200:1b:6b7d:2300:93a1
2600:9000:21a2:4a00:1a:5235:f980:93a1
2600:9000:21a2:aa00:a:e047:753:a221
2600:9000:269f:9400:1e:a43d:b640:93a1
2602:803:c002:200::43
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:4700:10::6816:4bd8
2606:4700:10::ac43:266a
2606:4700:1::6813:824c
2606:4700:20::681a:246
2606:4700:3031::6815:28fa
2606:4700:3031::ac43:8c7d
2606:4700:4400::6812:2b5a
2606:4700:4400::ac40:97ee
2606:4700::6812:19ad
2606:4700::6813:9f13
2606:ae80:1471:16::760
2607:4f00:925:0:3eec:efff:fed0:87d6
2607:f350:3:2569:0:10:0:a
2607:f350:3:2569:0:10:0:c
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::8a
2607:f8b0:4004:c06::94
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c07::9d
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c09::67
2607:f8b0:4004:c09::8b
2607:f8b0:4004:c0b::5e
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::84
2607:f8b0:4004:c1b::9c
2607:f8b0:4004:c1d::71
2607:f8b0:4004:c1d::84
2607:f8b0:4023:1413::78
2620:100:a001::24
2620:100:a001::4
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:1ec:21::14
2a04:4e42:600::485
3.161.212.32
3.161.213.19
3.161.213.43
3.161.213.66
3.213.2.212
3.217.69.99
3.219.128.200
3.223.218.249
3.224.6.94
3.227.185.122
3.229.125.131
3.232.158.174
34.102.146.192
34.111.113.62
34.111.60.239
34.117.239.71
34.120.107.143
34.120.63.153
34.149.50.64
34.150.170.96
34.160.19.107
34.193.243.45
34.200.65.202
34.202.106.150
34.227.125.34
34.96.70.87
35.169.211.189
35.186.236.140
35.186.253.211
35.190.0.66
35.190.39.111
35.207.24.140
35.208.249.213
35.211.178.172
35.214.246.118
35.244.154.8
35.244.159.8
35.244.193.51
35.71.131.137
35.71.139.29
37.157.6.254
38.68.201.140
38.98.69.175
40.76.134.238
44.206.92.227
44.210.41.244
45.137.176.88
47.252.78.131
5.161.188.99
51.222.239.230
52.19.72.183
52.20.53.186
52.202.180.1
52.203.254.189
52.204.206.150
52.26.6.186
52.31.131.200
52.45.141.6
52.46.151.131
52.7.115.38
52.7.200.174
52.85.107.191
54.147.254.41
54.156.26.12
54.192.51.42
54.192.51.7
54.192.51.76
54.192.51.9
54.192.51.94
54.198.173.106
54.209.20.238
54.68.105.82
54.87.127.173
54.90.34.250
63.251.28.133
64.202.112.127
67.202.105.24
67.202.105.31
67.202.105.33
67.205.191.172
67.220.226.238
68.67.160.186
69.173.151.100
69.173.151.96
69.194.240.13
69.90.254.78
74.119.119.150
8.2.110.161
82.145.213.8
96.46.186.59
00a3f73c10915e331aaba84ae3cef19364056d137b90c3573b8079d70b8ee925
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
01f5fbd177632d79bc7a319df80fbef8f76c23b20984662d9ce9f40115514edd
02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880
0350281031389f2263a01f936c051e6b0e31fe70ad34a0a3d6106675261518e4
039b67ff4c7c1acb8f40e3cb58ccb5fb57282649dde3e1e5db2530b0c79be0fb
03e48a89da149909ec44ade6ee4c54b55f9c26a6e1171ff4821afce02d0a85d1
0477f0d51900c7b61949afaa404351f1c0ca40fcd9ec0e64a7b9d7a3d65da8f7
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0816b0676c37909e18990f6fa447fc0dcd738f5119a10fe07122b8fa00a39e1d
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
082eb8d994b05bcfa7551011745f5b48c386941970c98e59b8dcaa958ec5bb8b
08656a98655a23535b66ce02c864fb76399ad2b23ac6bb83234e67f38bde8d3c
08fc0389e99a4122d63c6c9ada1b7020c7421861cecdbce6430775210b47bed9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c67f3753e4594d2647a01c88ae2ce8715234f8f721e3683a0ff20085c7673ba
0e4f12d94ee6c4be77eb7b7e64aa40fb318ca108518e3b92cf38111ac7a42925
0eb55b29dbfaa86b994440975562f56dc110485f19c83abed70979afca9fc88d
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f2bd4f3954b609193501dd956d7c1424d03231f0fef87c7fe67c7056c2bd22e
0f4165600f0f6915440a750f0b77d06e5e0dbc9d1f783ca44d3196b09ead2380
0fa73cc161f0c333589cea49309393682986528e8f8797aa62342e0d2be85f87
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
1250daa9f0a432107156f86630801b64c53bbd53c6e3fb1126867c4c1a48df3e
1255a9bb3534a8a652b599cc3b740977e61fe5cad7fb24d6531f7ffe44b7ecc0
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
15cc01df1db0756db8c3ff039dce7eebf0b7bfc93f5079d37dc0dfa2c22af640
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
17317b7dc349951f32e31ca33e49a7405e1e60384485da472aab5225c4ccf1e6
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1a7340a74c03f181d076b9e58f025a7ef5bba39f3e2ce200ce7213e132ee9995
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1ea6ee0237253d9114205128f9cd7e154f617d144ef478d7f50e388aaba13151
1eddda3a4418128367fe7e9b8c97e40ea43fac5cce2317434243d210b5d744d5
1f40449b63b6072f86e4acd37f0b415673985b3f30832184043777684003bd96
1f7e50bd764fa1ec6652bc51c7e64a5ed5afb52a6b41d7b95704e593ab423f58
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
2297a14402d4b345dd6f4eca9bba6df6a932bc2f2b1f4e9fcd03b7df80beee33
2308f3873334bf16b0cd7f0a71f66dedb1d5acb3dcd89a3fc0ddc8cb1b84646c
2451af61e931d95501fb8a6fdbad16ce575ebe6461362bf3d658f8b49598a468
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
24e9869020fd59a7f6418540744970cbf3f381a57858eb8859ca45ae54e7fcbc
2510df32e2df3b155f08ec3ccabf4c6d0f1970b920cc171a7b554e6afc0ca809
2582ccb0d2477253eeb87e377b2c3a47e8a19cbe5aeac9b4779cb632b82ed9b0
25f574717e4fb821d02b0f6d9f99295c60a8d8ce1c3197438b1b963c90f6eb8e
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
27ed1f73ab911443884cbac9b881d95c9838544a2037e4a471d3841ef80bd3ae
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29127fabb146d6b2d8bf961a00d0ee255d7b966ca1d621eee5d5393dd63b28cf
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
29cc7242b9a11672bad51ea49dac7f23b732c2f2527048f2f329df9b1a16f23e
2a45639f37b5c99ff6f9b3f3b3b1dfd8719b6c5a1a38683e88c2bd049c07f9c5
2aa25a19729df7b573f42c20a108d4ec213403df5ac193414f02f35887e7017c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ac1edb147faef758a4c4eef4c7b2dfa02f8e5610ca98fd04d65fadf7b2d78f9
2b70d5f158ad9fb8db0a1c335114075558d819212c80ce6d0aca87c348afb174
2c28a74670ec53920ad11adf60aa4e22f1b88ca2f3aa517fa1dcc02f3320531d
2d0b11a96f3dcfaafe9a9b5eecc2b4630f78cbe206434681d13df688aa377009
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e438e4370b032e64fae998e8f3f4e029ef38c431ead41239533a97d6ce98f71
2ebc60ae25834b9bd368142c05069ed79f1dc3d7ecb2b3e4bfe57fab5490dfb8
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
2f857e2daaec939cd0e005f1d56b460969004a22c01e00f64c4d9899ab631ec8
30dbce9216c7573d1d1183fadbd3243ee8247d122fe7a9f9d4eb602ba785bc6f
30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d930bba4d297603dfbc7e08813b22848d433f9251015e47cf467e47330b986
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ac192e5a36b6e93c39c378f5ba264f332f5650150face483ae45ec94e18e6d
32e7b34c52863358d06538e7afda895d51d28f673065d4bed9f3068901a7d75b
3394ff24813d1f09ffeaaf6b5d3269b4dd6ab5b62d60b25c140a64cbed3f81e0
33fc0077fde184e96b9b9f636783b0020b1125ea7004a3cd541e19207d27473c
34ac73a130a8fedd5eccef300b8c2021b0d28e04da3c5854cfde6532f9ba550f
34bad3232d4c4c860bb696f1169c5536e452495f0f5e5b38d256f4680f78dc4a
3535ca0300a45a0ee87ac5eb11986abe17547111053b7a08a545c7096372299d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
394517d77483c46884657d0078294783faab34398b9d9bb31e6acc754fecdc4b
3976d368f30ab0068d5f5d9e6d5959bf62c3fed2023016ba033c7243ef2a4376
3b10c0f3df4bae3eb7e21bf366768c3c2d16f802d1bc9a9c9a599c10115039f2
3be79451d50fe0e6ba96ff7c37e7379a910c8cd40d3608efb16cc40c5383e53e
3d47e3001d9ff9d8536d41200b7eba52d7858ebfba160152ccee7162d24351fe
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3e065c15d3e2a08337de245ec628a68f60870dbaa9c958ed0e601017bf9e5330
3eae7079f186f4b6c8d1c58c096c6e809706bb5abeae78fa20ff509e942811a3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f0a385fe617f54bc5e9a20f11fc3be9b84bd4f7e4d0897ad627dd942efc1ccb
3f72bc478fe8bdfc0d71966f03269d1400530dc5b86bfe964e181991ba89b19c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40125b6d63d09982a5b1b75f6b584069972573818b95200e997b2edb68cc7690
40451f59f0361365bc37e96f476f8bcfe4e9bf6c5321a1fb1c566c0ac58767b1
40d90847b61a8a221f1698cb40a76a5fe9b81899da34ceee38053a950a5c56c5
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4225e2de241af44fcef2f1bcd0c54225c60e2e172f68aea47959cac93dad5f55
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44ead52ca3e100d6485276041bf440308306e714721ea0edbe36114f7184f971
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
45bf96a74d1529b261d1839aaa9099436e959abfd4c05a78098055084334c20d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
471a25e5e3848ec494a1cf317afc20bb182465e3a2fea192fc4bf4b6867ad545
479431784cd5a99432ddae15575e4e43ff45a92baecf651b711c9e71d4154a59
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48edc9f331fd4f81e39056ce0d7b79cd8ee71d3415824a916300f6b6e8c93331
493e76e5b1fb957bc28c110c25bd9ba8374d731001ed6a60cc7a029056fc5fd7
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a
4a378f017fb2827af8bcdb3b62bc44f312c23fa4184101471e47e264c793f7dd
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4afb26be16e5f3fd6c668ad16595e946ab4efda06cd386799f2a901931a7e3ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c35a725ae1976af59c99556ad69e993dd9cf474033a75bb9406d59819d573d4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6ee3a660e14eda56fc4ec4bc845220a52ce5cbb9c44c164e7e881a46b49bc9
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f9375aeea612c4f013d5a9e03c3da5ff8bf7d20d10b536674cd21af7f742560
5094fc819adc9a6415fc6c55731c8432178ed47a8e29e400e705d4fbe4cc2c88
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52e10357e0f9edf788cc89d1967273bc770f0be9531dfbe4625474ca3dd6f0f1
543b429327b9baf784103c7a03127358fcff1f553eb4743c7cda9df345a6300c
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f77c61156839bf898f1f84b8a3282b65dcb4b9627887218b43fccd523faff1
553d83f888d1be498dc84d22a1c0cb3d0684a0b39ad29f622a132b789973b165
561a913572ba12eebc9fb27ec3ff8877ec3cb9c3253beaf5eaac7cc593a29afe
56243d82f53e3fdd390332f9a8e02c75dce0eb5351ced4bcb363f8d533b0ce0b
5645ee60d09acb90af49496f24f9fc59e0c9ef48b4a886791ef6ebdac8dad4f5
5691bb6aabd3d9bde48b9924691d26d320ca2c310142a82fb1e2aae862970390
575d691dce5bb26b10eff6b57252d0df26fb3107ce8ab81718fcf9486e462ae7
580eeb39307049dba9c5552bfb978340673d0690d5728a14344da4fc9c7f8bf0
584eb609b4547f7250cff10a80733c4b88ff46f8d62e9f64bc7414c66363c4a5
5ad232a3e0145aa89d237bfb6f6bc9d0566cd16949c759ee255411395506c1d7
5aff957d24ab17b48f7ad5c561739947d84e77d9d4ea338e5611472bcb458054
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
600296d979650e8cbc41ca2950c1a33de723a6137494a8c80b4a7b9c42b2e61b
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6036f549339e4770f5953209733cae0fe1e6493a28f39b6f72306b1716ed7d56
6085b089fabe11b72ec4ce9208949cd89d9fd0e7f711e28599fd56f55f7e21ba
60d753cd8365cae13f9e8c52425472dd001729c40c720748fbd0e38f5b6c4f90
62a4de9e07214d8a46bc60502b576a6682e260d298d2bafa95b28c32d63ee236
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
63a1550c22111356d62963ee1a01195d1f9c9032ea359468453cdccbbb402076
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
66af34f2dcc870deed709e424e960b6ce9a6b0a6d00d715b8eca10107d91b929
66d1b585057f103f08fa719768fed142f6d5b77310e9ce1eee61407b7aac5f6f
66e5a86692d00ba3c322121a03ed9d78ebb74843bfe53c2fa4b038dabdc71058
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
698dc40a616311683313957fdb14837e0e4ba5148866fb1a46e8b054f9c7c1ce
6a9c6034dfda97a5e75b6066382de459b92db3a6c50cb534a39c2549b0a81601
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6afa771f109b9956fcef1a03be4ee44ba97dbac7c943c7f9a539dc3e0e9a2f70
6b2c7d7f8ebb1ad09c017a046477da20f6581696077cb44ee9f5dd20956f6f60
6b485828ec0e76f938fce17ee7ba57345017910bacf147cf77be7c58e724a3bd
6bc49fa1116e0d6bf08ad0569e8af2504609cf54b31eb5768a3067e8e0daccda
6bf4408e56916ed3de748d7bfd02355bc90f91d560507504abf6c6605f499163
6d1d872251470a1a3138c10f89c79e7a8df7273837e4bad3a0213f56dd654c56
6d5bdc3c71c3da7491bdc9b2a0f9d3bcbbe931e4eecfa649ae9a0572723295e4
6ea62c199514d68eed527ea54f5297b51d299636f30e91bc13606309488697ce
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
71ee4bb61ca7d8b2a71f2ec094d9635ce3f56a689ce9d9eb3d5bf6a913135638
7237e3abae7da99ef56185f7b2dcf53781a6e9f677ab202c221260fd3b1851f2
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7335f04f77a86ec84acf13daa09f22c1f6be0beec90bbe3201e69c47e94f73b6
736623bf5b04e04614817442c38b7a20d19df1b29551c5e33a6992c34340da85
787150b489a6521e050b6296979fea3752eae3950bcaed51e5cec91bd091672d
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7b205e88991731a228fd27cdb2f729a087290f10325d97622ca19b8376524266
7bd19e369895d795b48995163092e5c40cebba5f4ec268c7540fbefb94caa3f4
7c013381d3b7c64f519ff1e99782da820f8de886743314d17ca42b50bd0b3203
7d1d134a001b4ce2e7c131915e8e851d0584b4f3a910d47e47908a88ade6436d
7f011ccdb2ca1d8157d43d67d4f8c21f9c6c04b9127a391def4ab1906a22cb64
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
801d5b4dda2f9ac63608c54c8249ec092977d7dd4ed4e9f27f091299bdae5966
8061e3f372851cbc35d507caf1adef4fe64bffdf05705861928ee05b7e7f2cbc
81441a88f828faa122f04448322508bb2b7a9f427fad3c5164b6d4dc364d3e66
81e90a605d58cde98f62a9c1a956462b690766424683e9011d59720f6d6cb366
81f9ce611baaf055343be544edd2f7a45a59e052ee546f8ae9a1cbaf063afcaa
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
83ebe8819c613ee5c1a3eb156b65b48920ccf937ada7877fb137ac11ae2ded0c
844a3c40ac0aae8539c5737af087eeb540522ca5903162f795bdfbf3e2fdb042
8493b6cbbada734dd291dabe105e4399431c682b0c7ef062215b83759b5cf52c
84e98293ca8b86afd3f8a036a32f7868d5aebac9dad25b4802db81e73a1f06c5
84f1c50bf0e9ba617aa63fe19f1a6026d6c424771fffcbfa3f9bb14ba95d59d9
851aab34e9b9e9c6252ed4a0bd57b30a79795aacdc7e036d7e824ed9e69b2807
852b79c54c1dac244a041ab9bba321b103f6803872445f29c3fb5c1f11e45e8d
85fe6e0446db20124accfcff669665b9a77df7420a9b32779190a451a2fc9982
86437a0a26abf1f4b0a16142286a1a89d79379aa5a06d3c66d6135f89a5aa886
86999686f2196e2f3cc6bdd8633da04516c9289974e0127a25504b891b4e232c
8724481b5df9fc1b87f19e1f93d42c8ae32791392cadefdff5fd6e1f55cf6b39
883071827a578262899cb26d0657451499df0b5cbee40e5c52d0f68712bc2a0c
887f3fbf6ec7d97867aefae525bbc5eea1f2027f7b21127820d465c1dc408256
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
89ba74998680d8b731949527f57d7f5d55664588268fb87db0a3c2a81d98ab5f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8b1fc6a6d179218f974d71341dca2d6b944588d1b1021bb3a6306db7751d60f7
8b4ae89c749e7de33ac0bf2631c70c1ccb3a6b2812edb2d0b723c68030030eb1
8bc2dd50541633a6b91780edcbf83921ff8c1ae829ab1a15352979cdaec2e29a
8c8b53a37be5a6bbe543b729ef241b2e46d79647e80c94862e5e554ad8c30ae6
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e6d41d584bfb483f312989c2f6e973fc6c5e30d644e8f46b4d5243811619b31
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
90a847214fb03bd48f9d5b7882c61f5ed7955cc3bf4c6ff347e95490c120f730
976aa631cb9f02a11257d41a21b38edb11c789aea77b64023b838aa5349aec91
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
997f1057c4a331ee9a8470496420815177dded09524ec898628b845d9380d14b
99e3deb20ab2980931c3ee06955607927e629aea6525ec81e3aa7120e1188a5b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c0d8412dcaa1724b257d62e0add98a0db7d894babef6c106799ebabbfd2fe12
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
9f08a6a436deee653fcf4ee392d0707c5b32f3c0a409a6686136161aebe77b17
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a27d504bfe88993a0af2c372e03914c4526e76033599430a3c754610fea0147b
a2fecb04bfaac85b3fdc4937d2acb052817756f86f026dcc22ffda18a5b30265
a4ce995c16b61adea437bc4157c1e83c76af2703adaaf625cd7062b525e89afb
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a541beb48d5c34d2ca5b15f2d4ec2b54bda4353146dad404e8f2589b7eacf27b
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac2397fbe331fb7cc8c5325752c4af7d6c5cb9204a1f810b89fc93c372cbdd37
ac2b5ae2de1284e817a3d1e4f56e81722138e56c8555a49b097b3af7b6c9f4a1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acd8877a2c7e075274843b0869720efad308b92734c980465c0ce4d10f75dd75
ad4d6897c1a90f0a5dd55e842e606c0fe1e17552c4ea7416ccdabe76d120d137
ad7bab07660ebf9a94314aefb3324dfaf6626e01534b1a966e48eb9d95ff7f06
ae46316c21d0803bf5e72de5467cae7c878426349d2f31d6d7d25b17eb5783dc
af1896dba99d5da0b95adf25877938268fcbd218e9b0ff1be4b59ec68ddc7884
af284fa768787fbb6b7efb8b20e162fc80630596797d1f32bc7cdc34bfcc564e
af2dc14f6a8c06b4395e37d88b5872ded1b4e234762e98c680dd1bffda8bc2ea
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2619cae117c115d26f2958df0df31c86540388b6f4c1dda4fc53c4ace5fc00f
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b2fdc99db75de88968ebf12adbc35c86f38a01930bf5853b12e630d482fd7b68
b31c7f681afad276260ddf3c822343ecfce5569fc90fee3d6c45a9a75c02608f
b48d1972b1f3e9a59bb76c8008c061e7a4f579d2cac8e228f083074d4f14bbe4
b4de83d303cc090c7685f54bd5df8edd196c059f47ba8bfe75d994cb03048f25
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5e3a3028818d6c1e6a39fb5e8cde0f00341d2a7aed2bf95e35b5630d313bff7
b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc
b62a61b4c5dee465f441e43bd3d450ad89a41c88117bc951e7d0bbad8cac036f
b6a001fe6f1f79bbe5b91861c200efd94441f78e698e6f6cd4c0569edee90c9d
b6ab2f2885e9d059a20a61f66358bb55559658f3064a327d610ac489b904f9a5
b71f95336dc567d835c55697b3c05d879a5319439e5f8ec89eaf534bd23c1bf8
b7f80935106390ce68b498562c40c39863298cf9edd85faa71d35fcdf848a6c7
b9b3cde3e30b04a5ec317e9403523d3d54f27145e1ca40522266af2feb635208
ba8451f39b0887dfff955335e5bf9007d350bf5c2d9f5ef697e07275ecbc331a
bab1c005a7fe6444f56cd587a85b5cdbb0f78a89ef2218027075f4bc2419b09d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bb9a7118557eeb047d378f4456061c8ff17777a7b0e2deb1e2624821d7add24f
bcf7cf073e4dc6e46a9cd1f03c6815816377f97a806f55d14651ff1efa0425e1
bd906936184c90499bbeb692498b26f7324c9a21239574b3a30b6fd7efa9fa12
bdc56c5f0325b0af41713f4e306c9fedb86bfa8de012ebc67908267e37353f54
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c16b2923f5d2b5db11044bf02b7ce094138a01a1d15f5adc365bdb9e8ddd3b93
c1f88a63f927b09acc5653332a4e478799d790f26d286a95bbe9056a2dd85bc7
c1fdc109b63ffdfe2a6d236f3c7913440d54041ddd2988a8bed057d08586814e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3344610ca08644091d8ca981acc5c728753dc1e0246777e0eaeb8723f916c7b
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
c60656ed5e0238af833debaf17aa2fa81b2e0b1cc5389318dbfb916abd94b77c
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c6178151182261f3a2fadd1830c273059c6d51f9b073f03d33069c7b1d43421c
c636c1c95c6e18807416080fb3100fa180a74ff4f95727d99d77d551fefbd3ab
c665236adb79dc98a71bf68e632465897f07383a65e4e2797257d3a67575d493
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7f32be59d3e79311ba9744ae85fcd16e301798b8793283459ffc143001c8b6d
c9be50e14d55d34bc20ff183de504f97b39bdd7adf3cee498ba89cd224fe32b7
c9c8f1cd9db165f31e10ae9e6871cf1c95251abf4d06b75e963ac134ce27b0b6
ca3b0a5f339c767e1fb4933525c018a77f5325895caeed43215c58bfd7bcb5b3
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb2f781d258d314bdc7be21deb538daaeda707323503ab447d5edbcad8ffa39e
cbe563bdf9f05ea8ee7c83f6c01d58bc0c54820d070ea95862c552eb3aad23d3
cc3a41863d92b22799ff23c52e2173e80b13ebc75b9144151ea105cd52b59de5
cdf2b172ac40e0296a41ad02c9b84fb955e9f43391c4894c23ce0289e26de6ab
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf48c7ee91a0c1acf4922e5f8efa8a6bf5caa6621a8362afba1a7568b60165ac
cf68a8424e11b53face94023607c7c981ecdb60345bcb0e44205d6b8c13d57b1
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0acfa1e702259b478239630d1eb14536a471c1399b58050d7a76683fcf717f4
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2ec1c907004fb1a0d9ade9e9f5d3b19efb55a0319dbaadaea734d86cb5e4c66
d36304db6990ffc3ce12acff3cb4c42b4190994b13853d114280ae2259897cb8
d47b225460565712cf74d7e590e038e05f03a098fccc984a08f482f36db4ed93
d49704476198bf7410e85ee99b6e02a9246fdcfffe56b2a14a872fbbd1768be0
d5647fc8869f30aa2a0bfe71f17540c22ff7fb10741c21805788db72919c1b25
d5a38052143d4da571d94bcf22a874597633d2370d238d7fe781ea7a495b171a
d5efaff99b7817b6279d67c0fc5908c63c7287225aac977f8ee495aab1f384df
d61517807fd3364fdabcc730c9eacc35105715cbeeb916f06f47c5812e10b0cf
d787e573cd08c83232b7f5e8add122bfe170da316f4e69433ca47e8382fe1e28
d7bd2244b53c02cbe507dbc9c546eb3e3e0e450c0455804a33f694162a9b1955
d864e456e7482c5bad10a8c1c0b1e1e5a91e04f7041d99d66024f5a672af928f
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3
d90d8ed6b3539adec45f3848a19784867c063410a0b7c727881cf63fc87c5c60
d932f29dbc6f9793b0275a6c11f29bd53f9a90e051c823f5ffd8f47a33dbee1a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d96ddfcdc35afdc530000822c1fb62c18df907503e4af85f894d2c5d80b6796c
dad497edb6c807568a8187d713ff0adc73a322324af08c10e3a11c694b9478f8
db08bebfa2e92b78c4c9ea0d375a66e9d2adb4208d50c3f5fbf22a467dde57b8
db5cbcada68a8d860320ba859874a5826ecc9079d803e8cdc2746270393f614d
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
ded725035617c0981e128808cbcf42149df94eb26a70649128a8ebf541ec25ff
df20d73aeea298101feb961bd1e5a7ebb2c8f4a432a5604a221786b618408447
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dffbbed6afd4d01f679cc5017540d74e039b87c7c5d5dcc1529a22a8e3f78c3e
e0b12b6f6d70be1490bd520cd667924b0143655328476caa644be9f97ec49dd5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42bbd210c90ea80c9268bff5dec93d971edb7e1a3623c68f4cfed79447e9183
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e884ccca893632a63942a51b060e44b9788af5d9a0d81261ef23467d0c70c48b
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fa4e619d14da71ec371369a874cd180069a4a90acc17f32c2849798629e0e2
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
e98f4b985a98b452d97497d31ab99bab8a470b45fded043c5ca83c328d6134dd
e9c3ecd8479cea14a1f703b8b0afc8d1377a0bf5401611b213eafe2d7fc4dfb4
eafafb205ec50b963795ef19e4690f90c5941c2605d5d31bd4e22b0dbf27170e
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb79d2411877f0a737c35fd4282fea3560ae543d5c1f70bfcda05523858fca3c
ec23865fe5502452ad1cb737ce49962eb01660bcd857706293086b2777316488
ec7d477c8063f480f8f42ca6279e5fa9d98c04459221e44df3214d70a5c5f629
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ee61345f962e763659c9c7d991d66cdf242bab3ecc1951e450ffef918be80dad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef94a1e8648a636e80620b089bb5797a7e23d76ae0e3eef12be5a8b53183d50a
f057702539786feb3aa792d4abf118e276fd996a55391e256bb52200bc30cfe6
f0eab8e09f59b3857aa49cc3da932d0cf266631d5381c8480708dbb1e10e52d7
f1b8f0261622e80a0d74843ca51d20522e1ce91c704006912417f63950dbed45
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6a07246b963bc573fdddca7869dd815ae50487085dbdb3efa2afbc044deb1fd
fa91ed7d8104858b34338a4e403c48d99e5c18042377e69c49d30a42d8e20dbf
fd11a4a19a89395a493626ae5fd7e00a03ea2e930041fd9acb7af23ccb22a0d7
fd39fbe147103b496fedc710248107facf6beaab15b4992d90ad7046f4b3b8ef
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48