subdl.com Open in urlscan Pro
2606:4700:3031::ac43:dd65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://subdl.com/
Effective URL:
https://subdl.com/
Submission: On May 30 via manual (May 30th 2021, 8:39:00 pm UTC) from FR

Summary HTTP 103 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 47 IPs in 7 countries across 51 domains to perform 103 HTTP transactions. The main IP is 2606:4700:3031::ac43:dd65, located in United States and belongs to CLOUDFLARENET, US. The main domain is subdl.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 23rd 2021. Valid for: a year.

This is the only time subdl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	2606:4700:303... 2606:4700:3031::ac43:dd65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	176.31.68.242 176.31.68.242	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	2606:4700:20:... 2606:4700:20::681a:fee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3033::6815:2903	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	2606:4700:20:... 2606:4700:20::681a:51e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	88.208.30.231 88.208.30.231	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5	139.45.197.15 139.45.197.15	9002 (RETN-AS) (RETN-AS)
3	213.174.135.24 213.174.135.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::ac43:4597	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:67::6	15169 (GOOGLE) (GOOGLE)
4	139.45.197.188 139.45.197.188	9002 (RETN-AS) (RETN-AS)
2	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
5 6	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
1 14	2606:4700:20:... 2606:4700:20::681a:34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	216.52.2.48 216.52.2.48	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
8 9	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	34.199.94.111 34.199.94.111	14618 (AMAZON-AES) (AMAZON-AES)
3 8	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	18.197.99.6 18.197.99.6	16509 (AMAZON-02) (AMAZON-02)
2 2	88.212.252.2 88.212.252.2	7979 (SERVERS-COM) (SERVERS-COM)
2	104.108.144.214 104.108.144.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1	208.100.17.173 208.100.17.173	32748 (STEADFAST) (STEADFAST)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
3 3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 2	54.239.17.112 54.239.17.112	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	72.251.241.206 72.251.241.206	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
103	47

17 2606:4700:3031::ac43:dd65 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

subdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.31.68.242 (France)

ASN16276 (OVH, FR)
PTR: ip242.ip-176-31-68.eu

eondunpea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:fee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logs.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:2903 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unsplash.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:51e (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

picsum.photos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.picsum.photos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.30.231 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

in.pdvacde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.15 (United Kingdom)

ASN9002 (RETN-AS, GB)

in-page-push.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.clickadilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

cdn.betgorebysson.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4597 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:67::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5ednly.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.188 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)

forzubatr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.248 (Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 136.144.59.88 (Secaucus, United States) 5 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:34e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.48 (United States) 4 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.178.65.246 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.172.45 (Frankfurt am Main, Germany) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.94.111 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-94-111.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.108.145.8 (Berlin, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.99.6 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.252.2 (Russian Federation) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.173 (United States)

ASN32748 (STEADFAST, US)
PTR: ip173.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.239.17.112 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (United States) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	subdl.com 1 redirects subdl.com	90 KB
14	quantumdex.io 1 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	6 KB
11	vlitag.com 1 redirects services.vlitag.com tag.vlitag.com assets.vlitag.com logs.vlitag.com media.vlitag.com	429 KB
9	adnxs.com 8 redirects ib.adnxs.com	8 KB
8	casalemedia.com 3 redirects ssum.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	8 KB
6	a-mo.net 5 redirects prebid.a-mo.net	1 KB
6	doubleclick.net 3 redirects googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	114 KB
5	pubmatic.com 2 redirects image2.pubmatic.com ads.pubmatic.com image6.pubmatic.com	18 KB
5	in-page-push.com in-page-push.com	32 KB
4	lijit.com 4 redirects ap.lijit.com	2 KB
4	cdnativepush.com static.cdnativepush.com	15 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com	3 KB
3	e-planning.net 1 redirects ads.us.e-planning.net u-ams02.e-planning.net	1 KB
3	picsum.photos 2 redirects picsum.photos i.picsum.photos	207 KB
3	googleapis.com fonts.googleapis.com imasdk.googleapis.com	117 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	961 B
2	betweendigital.com 2 redirects ads.betweendigital.com	925 B
2	advertising.com 2 redirects pixel.advertising.com	677 B
2	sonobi.com sync.go.sonobi.com	1 KB
2	criteo.net static.criteo.net	53 KB
2	criteo.com bidder.criteo.com gum.criteo.com	465 B
2	forzubatr.com forzubatr.com	651 B
2	googlevideo.com 1 redirects redirector.googlevideo.com r1---sn-4g5ednly.googlevideo.com	995 B
2	google-analytics.com www.google-analytics.com	19 KB
2	gstatic.com fonts.gstatic.com	30 KB
1	adgrx.com cm.adgrx.com	408 B
1	quantserve.com 1 redirects pixel.quantserve.com	510 B
1	dotomi.com 1 redirects casale-match.dotomi.com	187 B
1	adsrvr.org match.adsrvr.org	265 B
1	33across.com ssc-cms.33across.com
1	onetag-sys.com onetag-sys.com	818 B
1	advangelists.com 1 redirects nep.advangelists.com	225 B
1	adnxs-simple.com ib.adnxs-simple.com	1002 B
1	creativecdn.com prebid-eu.creativecdn.com	171 B
1	rtmark.net my.rtmark.net	540 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	googletagservices.com www.googletagservices.com	21 KB
1	clickadilla.com script.clickadilla.com	44 KB
1	wpushsdk.com js.wpushsdk.com	3 KB
1	betgorebysson.club cdn.betgorebysson.club
1	googlesyndication.com pagead2.googlesyndication.com	48 KB
1	nawpush.com na.nawpush.com	1 KB
1	pdvacde.com in.pdvacde.com	299 B
1	unsplash.it 1 redirects unsplash.it	572 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	cstwpush.com cst.cstwpush.com	60 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
1	eondunpea.com eondunpea.com	1 KB
103	51

	Domain	Requested by
17	subdl.com	1 redirects subdl.com ajax.cloudflare.com static.cloudflareinsights.com
12	sync.quantumdex.io	assets.vlitag.com sync.quantumdex.io ssum-sec.casalemedia.com
9	ib.adnxs.com	8 redirects ssum-sec.casalemedia.com
6	prebid.a-mo.net	5 redirects assets.vlitag.com
6	assets.vlitag.com	tag.vlitag.com
5	in-page-push.com	subdl.com in-page-push.com
4	ap.lijit.com	4 redirects
4	static.cdnativepush.com	in-page-push.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	cm.g.doubleclick.net	3 redirects
3	ssum-sec.casalemedia.com	1 redirects sync.quantumdex.io ssum-sec.casalemedia.com
3	ups.analytics.yahoo.com	3 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ads.pubmatic.com	sync.quantumdex.io ads.pubmatic.com
2	ads.betweendigital.com	2 redirects
2	pixel.advertising.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	sync.go.sonobi.com	sync.quantumdex.io
2	static.criteo.net	assets.vlitag.com static.criteo.net
2	ads.us.e-planning.net	1 redirects
2	forzubatr.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	picsum.photos	2 redirects
2	services.vlitag.com	ajax.cloudflare.com services.vlitag.com
2	fonts.googleapis.com	subdl.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	pixel.quantserve.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ssc-cms.33across.com	sync.quantumdex.io
1	onetag-sys.com	sync.quantumdex.io
1	ms.quantumdex.io	1 redirects
1	ssum.casalemedia.com	1 redirects
1	nep.advangelists.com	1 redirects
1	u-ams02.e-planning.net
1	gum.criteo.com	static.criteo.net
1	bidder.criteo.com	assets.vlitag.com
1	useast.quantumdex.io	assets.vlitag.com
1	ib.adnxs-simple.com	assets.vlitag.com
1	prebid-eu.creativecdn.com	assets.vlitag.com
1	r1---sn-4g5ednly.googlevideo.com
1	redirector.googlevideo.com	1 redirects
1	media.vlitag.com	1 redirects
1	my.rtmark.net	in-page-push.com
1	logs.vlitag.com
1	cdn.jsdelivr.net	assets.vlitag.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	imasdk.googleapis.com	tag.vlitag.com
1	www.googletagservices.com	tag.vlitag.com
1	script.clickadilla.com	cst.cstwpush.com
1	js.wpushsdk.com	cst.cstwpush.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	cdn.betgorebysson.club	in-page-push.com
1	tag.vlitag.com	services.vlitag.com
1	pagead2.googlesyndication.com	cst.cstwpush.com
1	na.nawpush.com	cst.cstwpush.com
1	in.pdvacde.com	subdl.com
1	i.picsum.photos	subdl.com
1	unsplash.it	1 redirects
1	www.googletagmanager.com	ajax.cloudflare.com
1	cst.cstwpush.com	ajax.cloudflare.com
1	static.cloudflareinsights.com	subdl.com
1	ajax.cloudflare.com	subdl.com
1	eondunpea.com	subdl.com
103	70

This site contains links to these domains. Also see Links.

Domain
streamingsites.com
valueimpression.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-23` - `2022-04-22`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
eondunpea.com R3	`2021-04-22` - `2021-07-21`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
cstwpush.com R3	`2021-05-22` - `2021-08-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
in.pdvacde.com R3	`2021-04-15` - `2021-07-14`	3 months	crt.sh
in-page-push.com R3	`2021-05-22` - `2021-08-20`	3 months	crt.sh
na.nawpush.com R3	`2021-04-20` - `2021-07-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
betgorebysson.club R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
js.wpushsdk.com R3	`2021-05-07` - `2021-08-05`	3 months	crt.sh
script.clickadilla.com R3	`2021-04-04` - `2021-07-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-18` - `2022-03-26`	10 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-05-18` - `2021-07-27`	2 months	crt.sh
cdnativepush.com R3	`2021-04-25` - `2021-07-24`	3 months	crt.sh
forzubatr.com R3	`2021-05-17` - `2021-08-15`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2021-03-17` - `2022-03-15`	a year	crt.sh
ads.us.e-planning.net R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
*.a-mo.net R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.e-planning.net R3	`2021-03-26` - `2021-06-24`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://subdl.com/
Frame ID: 80FB7FAF51618E30D0F67C94C89DB6A6
Requests: 69 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html
Frame ID: 70D2B99A39DF821BFF763A0FCA5FA77D
Requests: 1 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/0987259079146.png
Frame ID: 030AB1D12832799B12BB54CA56250C3C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=subdl.com&gdpr=1&gdpr_consent=
Frame ID: 56ED9B742D0233096301164E02B18FEC
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: A4845BFD4B985CD30D2E08D4BE13B83C
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: A10FB763F35E806FB71D4159D843398E
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: EAB2D885F719B43DF9689807BDDE0A71
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 73A008351E61B2DE61CDBF30E22FB038
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: E71D8F1F340561E74F0CA0CD2BA2A5D1
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: D0A61ED33CA9081DC0566C0211CE02C4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 433E13D3CBEF56491282E12CA44D8A52
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://subdl.com/ HTTP 301
https://subdl.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

103
Requests

100 %
HTTPS

45 %
IPv6

51
Domains

70
Subdomains

47
IPs

7
Countries

1362 kB
Transfer

3650 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://streamingsites.com/
Title: Best Streaming Sites |

Search URL Search Domain Scan URL

URL: https://valueimpression.com/?ref=subdl.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://subdl.com/ HTTP 301
https://subdl.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://unsplash.it/1440/900/?random HTTP 302
https://picsum.photos/1440/900/?random HTTP 301
https://picsum.photos/1440/900?random HTTP 302
https://i.picsum.photos/id/690/1440/900.jpg?hmac=4V8eGWG-s13ln_BOYLN38q8qb7gZYs2YjMlZMzA2fng

Request Chain 51

https://media.vlitag.com/vid/?id=QfsviWpOGno&t=y HTTP 302
https://redirector.googlevideo.com/videoplayback?expire=1622427283&ei=M_KzYKP0M7f3xN8P37uzqA4&ip=52.214.224.26&id=o-AHD7QQgQpdQOZclmArrOvu_HL-qim-Qjy6_HBfz81bOF&itag=22&source=youtube&requiressl=yes&mh=oq&mm=31%2C26&mn=sn-q0c7rn76%2Csn-4g5e6nes&ms=au%2Conr&mv=m&mvi=1&pl=13&initcwndbps=758750&vprv=1&mime=video%2Fmp4&ns=oExMHvWRGujQYexdVBmrhEgF&cnr=14&ratebypass=yes&dur=645.468&lmt=1586201275978936&mt=1622405324&fvip=1&fexp=24001373%2C24007246&c=WEB&txp=5535432&n=isTdOGUjkrwFQZ65&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgB1m-Czf9ejEnQCEMME1SV9vkwTC7JYJSnB8Yyb2rsRcCIQCk12mgXf9UEBKZukojZrJPYw_HR_YLxHpue_jt4Lmm2g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAOnS_IL3Y6I4jXy4hl3DS-smU3Q0R4WPmMGXzzvb2IIQAiAn75Dz3368A9OaeYyms7sD2x3yFu0G7kMA2DHD_9N0bQ%3D%3D HTTP 302
https://r1---sn-4g5ednly.googlevideo.com/videoplayback?expire=1622427283&ei=M_KzYKP0M7f3xN8P37uzqA4&ip=52.214.224.26&id=o-AHD7QQgQpdQOZclmArrOvu_HL-qim-Qjy6_HBfz81bOF&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=oExMHvWRGujQYexdVBmrhEgF&cnr=14&ratebypass=yes&dur=645.468&lmt=1586201275978936&fexp=24001373%2C24007246&c=WEB&txp=5535432&n=isTdOGUjkrwFQZ65&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgB1m-Czf9ejEnQCEMME1SV9vkwTC7JYJSnB8Yyb2rsRcCIQCk12mgXf9UEBKZukojZrJPYw_HR_YLxHpue_jt4Lmm2g%3D%3D&cms_redirect=yes&mh=oq&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednly&ms=au&mt=1622406765&mv=m&mvi=1&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMLw8W1XtxkJ8Sy3q0KrThLfiIFOYh6gCiuzXOMHKMZUAiEAjVS5SkbN7mSAbLCff3ePvZYypCv45DxaEVnR2EX7bZM%3D

Request Chain 63

https://ads.us.e-planning.net/hb/1/2c995/1/subdl.com/ROS?rnd=0.23958709546642276&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsubdl.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fsubdl.com%2F&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/subdl.com/ROS?ct=1&rnd=0.23958709546642276&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsubdl.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fsubdl.com%2F&gdpr=1&gdprcs=

Request Chain 74

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D0d5e0f8d9d0f712c%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D0d5e0f8d9d0f712c%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=0d5e0f8d9d0f712c&uid=2a6e21f1f1feec3d5e78e2de

Request Chain 76

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-H4TdCjJE2uGzYJRCgn3G6lw2lsa4n.wPkxXOfho-~A

Request Chain 77

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=613188922150500133

Request Chain 78

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-e2a5176a-6504-4abd-878e-780c6b980417

Request Chain 79

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=613188922150500133

Request Chain 80

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2a6e21f1f1feec3d5e78e2de

Request Chain 81

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3Ddcc12d3d-b270-42aa-9dc6-a28444534e49%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%253FA%253Ddcc12d3d-b270-42aa-9dc6-a28444534e49%2526bidder%253Dappnexus%2526cbx%253DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%25253D%2526uid%253D%24UID HTTP 302
https://prebid.a-mo.net/cchain/0?A=dcc12d3d-b270-42aa-9dc6-a28444534e49&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=613188922150500133 HTTP 302
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3Ddcc12d3d-b270-42aa-9dc6-a28444534e49%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 307
https://prebid.a-mo.net/cchain/1?A=dcc12d3d-b270-42aa-9dc6-a28444534e49&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=2a6e21f1f1feec3d5e78e2de HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3Ddcc12d3d-b270-42aa-9dc6-a28444534e49%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/2?A=dcc12d3d-b270-42aa-9dc6-a28444534e49&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YLP32J7peXgTXanbUtUQwgAA%261150 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Ddcc12d3d-b270-42aa-9dc6-a28444534e49%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Ddcc12d3d-b270-42aa-9dc6-a28444534e49%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/3?A=dcc12d3d-b270-42aa-9dc6-a28444534e49&bidder=pubmatic&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid= HTTP 302
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=dcc12d3d-b270-42aa-9dc6-a28444534e49

Request Chain 82

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=af33530c-5666-4b0c-bec9-ab04335f60b9

Request Chain 83

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP093165c4-c187-11eb-b90d-062e6c792732 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP093165c4-c187-11eb-b90d-062e6c792732

Request Chain 84

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=613188922150500133

Request Chain 85

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=6f3c9b99-ced3-5196-9610-de03f6a329db

Request Chain 86

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLP32J7peXgTXanbUtUQwgAABH4AAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLP32J7peXgTXanbUtUQwgAABH4AAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDFeMBm9JMWGWsY2L6zpFEc&google_cver=1

Request Chain 95

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLP32J7peXgTXanbUtUQwgAABH4AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLP32J7peXgTXanbUtUQwgAABH4AAAIB&dcc=t

Request Chain 96

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLP32J7peXgTXanbUtUQwgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPrplPEYtNOouKa09KZ1j5I&google_cver=1&gdpr=1

Request Chain 97

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622493528&gdpr=1

Request Chain 99

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=oPXrgPDy7Yu7_LmFr6ekgfensNC7o72B8v10iLD7

103 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
subdl.com/
Redirect Chain

http://subdl.com/
https://subdl.com/

73 KB
21 KB

138ms
122ms

Document
text/html

2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 305e27dfadd64ccb372b15c4e2405e85929240ee5a616a979631d1a0b11accf3

Request headers

:method: GET
:authority: subdl.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b; path=/
cf-cache-status: DYNAMIC
cf-request-id: 0a60991d520000178acc891000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0OJxpZ%2FOvT9%2BMpjr%2BJC38O%2BoxkoS%2BBYZwjsxYelV3eNxt9nQkMEBBX61O8uuSpY8bsv5bKmvgMDnMKywjHRzZGv3I6Hk4VJShAtXpD14zINejI3iE7EzTvRP2Sa4R%2BoQLlzP"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 657ac4754b2d178a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Sun, 30 May 2021 20:38:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 30 May 2021 21:38:40 GMT
Location: https://subdl.com/
cf-request-id: 0a60991d310000073e0982e000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mzL824O2yPtFQd2%2BZ5cyVIWRWeDeprDFybLm2BmxRr%2FNp3bYbQI1bf0R9e%2BdoZb39OIFGFw8u5siN7wIO6075ijUx0%2B6ZTtZj%2FASYmYXCUqHahYnjrvJenJZLFaINnTHoZrL"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 657ac4751ec9073e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
632 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: subdl.com
URL: https://subdl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 May 2021 19:27:41 GMT
server: ESF
date: Sun, 30 May 2021 20:38:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 May 2021 20:38:40 GMT

GET
H3-29 200 style.css
subdl.com/css/ 11 KB
3 KB 26ms
15ms Stylesheet
text/css 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/css/style.css
Requested by: Host: subdl.com
URL: https://subdl.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc7d71e7d5d945325845bb111de15e91913c771d8ec2903a6d88031151c21c77

Request headers

:path: /css/style.css
pragma: no-cache
cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: subdl.com
referer: https://subdl.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6273
cf-polished: origSize=16938
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a60991ddc00001f299bb9f000000001
last-modified: Sat, 30 May 2020 18:34:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PH3XFzv0La91NMub2h0XC%2FmJyKloYKnQU8pEJJHRPJ7VgZ8ID0NwWPtA23RZmeKLNFBCHY640xgJlftrQOW6FmRUXfjPT4qpskjQ0OQkH%2BrOdYODBdDn%2F8RfGphfaokWajCC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 657ac4762cec1f29-FRA
cf-bgj: minify

GET
H3-29 200 style2.css
subdl.com/css/ 3 KB
1 KB 30ms
20ms Stylesheet
text/css 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/css/style2.css
Requested by: Host: subdl.com
URL: https://subdl.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87c3dc773b6a3cd4db0a619c65ce20a8048528dd76de853f48a540c413f80c07

Request headers

:path: /css/style2.css
pragma: no-cache
cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: subdl.com
referer: https://subdl.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6273
cf-polished: origSize=4723
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a60991ddc00001f29ef3f9000000001
last-modified: Mon, 05 Nov 2018 18:29:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=A4oUrhhSMaxmchve9XTaZ62b80p0%2BSyQRaCoBq484HcF%2ByjwZOOqGMZUuyUIgr6ZknmYHGvumwrXQBjlhZ8zp6eeAxYXsBWNXv%2BusNVUcswy7IHQz7f9LufNsOsmqpJl5w0G"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 657ac4762cf01f29-FRA
cf-bgj: minify

GET
H/1.1 200
OK 16809 Show response
eondunpea.com/1clkn/ 0
1 KB 156ms
36ms Script
application/javascript 176.31.68.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://eondunpea.com/1clkn/16809

Requested by

Host: subdl.com
URL: https://subdl.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

176.31.68.242 , France, ASN16276 (OVH, FR),

Reverse DNS

ip242.ip-176-31-68.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 20:38:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=1
Keep-Alive: timeout=20

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 26ms
10ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: subdl.com
URL: https://subdl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0a60991e1500004ee65abfb000000001
last-modified: Fri, 28 May 2021 10:23:11 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60b0c48f-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yWF1mqd0qn0VM0BsX%2BXeb0MrRzuwk1jX9WPP7Dc%2FaXIPA0c3DV%2FXZ0Sgbquc41yZDlzaVaKxI5D11Cb%2BKB7g%2Fqce5NrQv7dngp8CUsNnW9v2EY5Mn9uFp58Syhlbu%2FOuoiE3MnTaAHhJZqTv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 657ac4768fa84ee6-FRA
expires: Tue, 01 Jun 2021 20:38:40 GMT

GET
H3-29 200 api.js Show response
subdl.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 12ms
11ms Script
text/javascript 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://subdl.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: subdl.com
URL: https://subdl.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: subdl.com
referer: https://subdl.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WL6rOJsHYWNYKhio1lgv%2Bh09vXRZXQw730FAqucH%2BO1I54j0%2Ft2yyEmFwPv%2Fh8E%2BBzGZxXg1GsSJx1d%2FMNwD2QfeYHdHVTuQDR%2FpTnyyh1%2BA9Mk9cpDyu%2BBAyj8%2Fi3QurhWv"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 657ac476adb81f29-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a60991e2c00001f299936f000000001

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 37ms
20ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: subdl.com
URL: https://subdl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 657ac476cad6dfa5-FRA
cf-request-id: 0a60991e3c0000dfa50b366000000001

GET
H3-29 200 dots.svg
subdl.com/images/ 816 B
921 B 30ms
29ms Image
image/svg+xml 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subdl.com/images/dots.svg
Requested by: Host: subdl.com
URL: https://subdl.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79128d82f7e974b8b7a7837efe69cf291fb863ee14c352bce1564d22a249ea7d

Request headers

:path: /images/dots.svg
pragma: no-cache
cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subdl.com
referer: https://subdl.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Dec 2018 14:16:04 GMT
server: cloudflare
age: 6273
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SWfE3fdyhpGWIqeicvcdcm6f%2BI9FRUHdVt4lmJS7LwdcymunK0Qg1F5NzgKgdRd4YrTmmvuZkfjUpJiyA9Wpf3d8ZSyGIeCz1hkwFrqcY1tj%2BxMGPFEPEEzZAPDLLriSqA8j"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 657ac476adbc1f29-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a60991e2c00001f29d62d0000000001

GET
H3-29 200 StreamingSites.png
subdl.com/images/ 594 B
1 KB 26ms
26ms Image
image/png 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subdl.com/images/StreamingSites.png
Requested by: Host: subdl.com
URL: https://subdl.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9ce2fa8bb72095774c5bae58dbaadce9997155424f273e7fe8defb902883e59

Request headers

:path: /images/StreamingSites.png
pragma: no-cache
cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subdl.com
referer: https://subdl.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6273
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 594
cf-request-id: 0a60991e3100001f29c4926000000001
last-modified: Thu, 28 May 2020 08:34:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3%2FpHeR%2FUxVUSkVnuo1btQ7SdyeC7nKYDISilm5acA8facCXmidkMwo5JcqMDPyEv0M%2F%2BHhfRoRg8ZUy6JokB1xTymM6KOKM9gWSHaQEp7iWvk6ghSH9CMyh9ldraNU5O0wg7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 657ac476adc01f29-FRA

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
546 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: subdl.com
URL: https://subdl.com/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 May 2021 19:18:47 GMT
server: ESF
date: Sun, 30 May 2021 20:38:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 May 2021 20:38:40 GMT

GET
H3-29 200 stats.js Show response
subdl.com/js/ 602 B
815 B 22ms
22ms Script
application/javascript 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/js/stats.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 664e375a7c6ca8d749dd3aa12d9ad7dd1cc6429b3ff4e28f4e0e6730d21faa8b

Request headers

:path: /js/stats.js
pragma: no-cache
cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: subdl.com
referer: https://subdl.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 May 2019 06:04:20 GMT
server: cloudflare
age: 6190
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=H2Ajq4TpIaRx5zREg0YDR98w7OQFsUDl2v%2FHsk0XzQyAM6N%2BVynSSPbDDjqK9vFEpGVbHacVDJXNak3T1Sr7p1%2Fnfw3nLZA2JMCzZjIWcO7T08afea9X2KXZtQsV3umctGQT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 657ac476bdd01f29-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a60991e3000001f2994abf000000001

GET
H3-29 200 ads.js Show response
subdl.com/js/ 22 B
593 B 16ms
15ms Script
application/javascript 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/js/ads.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

Request headers

:path: /js/ads.js
pragma: no-cache
cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: subdl.com
referer: https://subdl.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6190
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22
cf-request-id: 0a60991e3100001f29afaa2000000001
last-modified: Fri, 10 May 2019 01:29:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KlmV3Yc1p2%2BO9bTBw8T113%2Bs%2B%2Fw%2B7VLPNFR67X0EJ%2FqTwYCJ%2FsfDVyFLgMSYVpZ9w9f2lT57CttypXsxjU9%2BUtt%2BdM0hXez7pRRqeAcz3%2BkhvTaRSgvNgLZ0Bzc7O4qA%2FVTM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 657ac476bdd11f29-FRA

GET
H2 200 / Show response
services.vlitag.com/adv1/ 933 B
1 KB 159ms
140ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/adv1/?q=a38e0e0ce56e7c0101eaca269533bc36

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b734a59cb8f00325947013015c6b87191d75653bdd442b2a8164752eb2e5f642

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a60991e4200001f35fe9b3000000001
pragma: no-cache
last-modified: Sun, 30 May 2021 20:38:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wLTR7EVVeCgVn7556LF8m5gxoCecSQynNVfPkJyr13hH9waYAxKvuW35nyaHtl2NAYowCVctcunz5K4idCrR2uOZHrB92RwzYHa999AMvhmVNfhinwgBB8dnkSX8klojIOIDoHQ%2B1RxJ1G0N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 657ac476cbb91f35-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adManager.js Show response
cst.cstwpush.com/static/ 59 KB
60 KB 88ms
18ms Script
text/plain 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cst.cstwpush.com/static/adManager.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4f7b6c826559e7a9fdd87aa3dab65d9032e27f9677e2c894bf8add376af093e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 20:38:40 GMT
Connection: Keep-Alive
Last-Modified: Tue, 25 May 2021 14:27:38 GMT
x-amz-meta-s3cmd-attrs: atime:1621952841/ctime:1621952841/gid:0/gname:root/md5:f7f10698b0e6bb748101b0917e29d311/mode:33188/mtime:1621952770/uid:0/uname:root
x-amz-request-id: tx0000000000000366f8635-0060b3f5bb-fb33aff-fra1a
etag: "f7f10698b0e6bb748101b0917e29d311"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1622407120.dop208.pa1.t,1622407120.cds001.pa1.shn,1622407120.dop208.pa1.t,1622407120.cds046.pa1.c
Content-Type: text/plain
Cache-Control: max-age=3067
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 60434

GET
H3-29 200 language_filter.js Show response
subdl.com/js/ 3 KB
1 KB 22ms
22ms Script
application/javascript 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/js/language_filter.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eb63fdc7730a350373555327d3cc2ce80e133a98f80ab3e96a0c489c267aaf5

Request headers

:path: /js/language_filter.js
pragma: no-cache
cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: subdl.com
referer: https://subdl.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Mar 2019 17:17:50 GMT
server: cloudflare
age: 6190
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xkXEg5Lcdb8ws%2FtosOxAr1uf5ME%2Fo5oeHz%2BSZKrgmKo4rXaolXjrtQUAlNgZ9%2B0SEuVYirrmR5zbUjcmX8btciMRKFK54ABMNDdp7%2BEEsbD1l53UqeGqNCF98ae%2FGI%2BlQ0B%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 657ac476bdd31f29-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a60991e3000001f2997b28000000001

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-57662958-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ff985bfac8da605b2f46ea3a7c6d2a50f725439fd2684b54c622e35f19d2438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35861
x-xss-protection: 0
last-modified: Sun, 30 May 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 30 May 2021 20:38:40 GMT

GET
H3-29 200 main.js Show response
subdl.com/js/ 2 KB
1 KB 17ms
16ms Script
application/javascript 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/js/main.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b75db0e5722775eab0dd769853b3db1f5da999aaabbb8b30bb9fb69e2bfd2cf

Request headers

:path: /js/main.js
pragma: no-cache
cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: subdl.com
referer: https://subdl.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 May 2020 07:37:34 GMT
server: cloudflare
age: 6272
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=csPPpjdbqHZr6fl1HBtj3wTBHUyQZC0HSxB5LUTKuiC48sj4JBmZZvEpM8ZlUBbFiB%2FtvGHKYAzBKW2bmsvaY6TJ2nUInc1gOUKFPYz3TZYha4JxdJClsshur5Tqhs88oVjo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 657ac476bdd61f29-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a60991e3100001f29cab0b000000001

GET
H3-29 200 jquery-2.1.0.min.js Show response
subdl.com/js/ 82 KB
28 KB 24ms
23ms Script
application/javascript 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/js/jquery-2.1.0.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Request headers

:path: /js/jquery-2.1.0.min.js
pragma: no-cache
cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: subdl.com
referer: https://subdl.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Mar 2014 16:08:56 GMT
server: cloudflare
age: 6272
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jdnJxgLF5B7RXS9L%2BEwHLhgZqCVWvdYuXK47h70clN%2Fh8Kcz%2F%2F9pba2Xczvz4HwykMlLaYr4bI3U5vtIrqC3FbimJPwy64b2bCkadRf%2Bhn5QMyAcea8lYG4%2B6wcn2%2BD0B9nu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 657ac476bdd81f29-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a60991e3100001f29bf1c8000000001

GET
H2

200

900.jpg
i.picsum.photos/id/690/1440/
Redirect Chain

https://unsplash.it/1440/900/?random
https://picsum.photos/1440/900/?random
https://picsum.photos/1440/900?random
https://i.picsum.photos/id/690/1440/900.jpg?hmac=4V8eGWG-s13ln_BOYLN38q8qb7gZYs2YjMlZMzA2fng

205 KB
206 KB

456ms
452ms

Image
image/jpeg

2606:4700:20::681a:51e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.picsum.photos/id/690/1440/900.jpg?hmac=4V8eGWG-s13ln_BOYLN38q8qb7gZYs2YjMlZMzA2fng

Requested by

Host: subdl.com
URL: https://subdl.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:51e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c6705c25a94eb0f4a37c08f800440f37e0dbb773bf6e21d9b76bf52649e3ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
via: 1.1 varnish (Varnish/6.2)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 657ac477d9e0979c-FRA
picsum-id: 690
content-disposition: inline; filename="690-1440x900.jpg"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a60991ee60000979c43bd2000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MxEdQpaUU%2F8d2nfwsDJsxkfpVv%2F82y8dyrg6IlX7OX5xFm35htI%2FTdflCGn3vNUJ6iTOTG41j2xuWTDX03Qq7o%2Fk6R%2BWRvM3UsRymMCji4P3vXsr3kbQbKsFTtie4EnZWHBW9OkG6eE%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 465993870
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
content-type: image/jpeg
access-control-expose-headers: Picsum-ID

Redirect headers

date: Sun, 30 May 2021 20:38:40 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=njTEMkXuUD94NuiXPuQS9s9TArDE1LkpglZBuq0OLw98dQAgaQgVH9PkW2Y0MFM%2F%2FAuEgCqW8PqdF7UIq%2Bd%2FfocNAmjEUr4msW80iYSOpDMQcm%2Bv%2Fu2NfAS1cS0vlH%2FTj0YL9ltk"}],"group":"cf-nel","max_age":604800}
location: https://i.picsum.photos/id/690/1440/900.jpg?hmac=4V8eGWG-s13ln_BOYLN38q8qb7gZYs2YjMlZMzA2fng
cache-control: no-cache, no-store, must-revalidate
cf-ray: 657ac4779c564e14-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 0a60991ec000004e14693e9000000001

GET
H3-29 200 logo.png
subdl.com/images/ 4 KB
5 KB 20ms
20ms Image
image/png 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subdl.com/images/logo.png
Requested by: Host: subdl.com
URL: https://subdl.com/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea71037c0c2250b0ee169877edc7446a5e2449a20cd7140474a747fabd1bb1b3

Request headers

:path: /images/logo.png
pragma: no-cache
cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subdl.com
referer: https://subdl.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5062
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4478
cf-request-id: 0a60991e3200001f29922e3000000001
last-modified: Thu, 25 Sep 2014 01:16:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=K8QutsM0G4sv7zAX6MBDSDpP%2Fze55roH8YuyLGrGDZW2Vg617AjF7HQYRTIQD3Kz0uLnyyFggr1tvEQ2%2Fik9dXgaFBZkhhVLUNb9JnC6jQH1adM9P99DHZpYtPe0WtuYH3jS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 657ac476bddb1f29-FRA

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://subdl.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 21:32:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
age: 428780
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
expires: Wed, 25 May 2022 21:32:20 GMT

GET
H3-29 200 search.png
subdl.com/images/ 3 KB
4 KB 43ms
43ms Image
image/png 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subdl.com/images/search.png
Requested by: Host: subdl.com
URL: https://subdl.com/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b319959359eed631e2da73311f8d977a108860f3aa5b6788cd82e7889b13be3

Request headers

:path: /images/search.png
pragma: no-cache
cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subdl.com
referer: https://subdl.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subdl.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:40 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6272
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3069
cf-request-id: 0a60991e3900001f29d0238000000001
last-modified: Thu, 25 Sep 2014 01:47:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1%2BXnYQ94D7WfbY%2FjFwwoRWzYeNJHTtZJQ0adV9QxKfSDmpdz9kdWockk%2F7lWwWqtxKP0%2BZowZGUlFiJmUWuHh4Z6fKZjPJRGj1AC9kUU965M9kDc4IocyCDv%2Fny18XGEm%2FWZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 657ac476cdf11f29-FRA

GET
H2 200 / Show response
in.pdvacde.com/wcm/ 0
299 B 573ms
190ms Script
application/octet-stream 88.208.30.231
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://in.pdvacde.com/wcm/?sh=subdl.com&sth=4d7c9a65b3874352ffe505ccda8eb429&m=3b35fe4a7241880dbd41afadfb4776be&sid=581_249267_680397036&stime=987.40&rand=0.5901967319479982
Requested by: Host: subdl.com
URL: https://subdl.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.208.30.231 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 20:38:41 GMT
content-type: application/octet-stream
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
p3p: CP="NON DSP COR CURa TIA"
x-msr: TRUE
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 4249383 Show response
in-page-push.com/400/ 80 KB
28 KB 101ms
46ms Script
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/400/4249383

Requested by

Host: subdl.com
URL: https://subdl.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

221f05ec2aa8bca98331a04f48bc748e9b9443fb45508b70990cab33b8f0bf23

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 1ebda32592f1c9afa8412f123bfe498c
pragma: no-cache
date: Sun, 30 May 2021 20:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 4964 Show response
na.nawpush.com/tags/ 996 B
1 KB 73ms
23ms XHR
application/json 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/4964
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 66df1c0b4e9ce39a2feaa011c519a0b255b1f9581bdf951b58ef84e26fcfb73f

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 30 May 2021 20:38:41 GMT
cache-control: max-age=300, public
server: nginx/1.18.0
content-type: application/json
x-proxy-cache: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48356
x-xss-protection: 0
server: cafe
etag: 3890051329819667200
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 30 May 2021 20:38:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57662958-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 709
date: Sun, 30 May 2021 20:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 30 May 2021 22:26:52 GMT

GET
H3-29 200 / Show response
services.vlitag.com/uv/ 13 B
695 B 141ms
132ms XHR
application/json 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fsubdl.com%2F&mtk=11328

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=a38e0e0ce56e7c0101eaca269533bc36

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13
cf-request-id: 0a6099212200004a7ad301d000000001
pragma: no-cache
last-modified: Sun, 30 May 2021 20:38:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nBYHwpfofl919QNpE8%2FlqgSolwMOCwMIKoqMufbmtrWrEME73bSBAln9XxUsqtOqcoHAWkY%2Bu62oyAkspHK4WIYU82YNOXUqr2NU%2BYz1Yn7eo%2Fk9r38fUdLA8YBY%2Fmhvw2rHaUoaKgbQm6sT"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://subdl.com
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 657ac47b6a1f4a7a-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 a38e0e0ce56e7c0101eaca269533bc36.js Show response
tag.vlitag.com/v1/1622364808/ 507 KB
112 KB 43ms
40ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/v1/1622364808/a38e0e0ce56e7c0101eaca269533bc36.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=a38e0e0ce56e7c0101eaca269533bc36

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2040acc744f6c4a76f64539b0097f52733d4478267b8a53a4592b6de145d6a9b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 42250
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a6099211b00001f35cbad9000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YAZNBNzqTTQu8Vw1v0lybQLq7MXQjS6EohAFTDICqdTtm%2BOo2uDHQwUQTk4R70W92%2FTCu7E%2BzmTur2shrF%2B4Fh0TmTGeBS8D9dJluHoX45rLZq7TH74u1mbH8XXqTc5TVTSI3pc1IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, immutable
cf-ray: 657ac47b5cd21f35-FRA

POST
H3-29 200 rum Show response
subdl.com/cdn-cgi/ 0
162 B 9ms
8ms XHR
text/plain 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://subdl.com/cdn-cgi/rum?req_id=657ac4754b2d178a

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://subdl.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b
content-length: 1280
:path: /cdn-cgi/rum?req_id=657ac4754b2d178a
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: subdl.com
referer: https://subdl.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://subdl.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 657ac47c3fa51f29-FRA
vary: Origin

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=301774001&t=pageview&_s=1&dl=https%3A%2F%2Fsubdl.com%2F&ul=en-us&de=UTF-8&dt=Subdl%3A%20Find%20any%20subtitle%20you%20want!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2132988358&gjid=1660634904&cid=1321959722.1622407121&tid=UA-57662958-1&_gid=128070557.1622407121&_r=1&gtm=2ou5q1&z=1677234360

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 20:38:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subdl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 apu.php
cdn.betgorebysson.club/ 0
0 83ms
29ms Script
application/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.betgorebysson.club/apu.php?zoneid=4250372
Requested by: Host: in-page-push.com
URL: https://in-page-push.com/400/4249383
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: d86997d2a2d30de4b89997533b27f539
pragma: no-cache
date: Sun, 30 May 2021 20:38:41 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/ Frame 70D2 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210524/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subdl.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 30 May 2021 20:29:24 GMT
expires: Sun, 13 Jun 2021 20:29:24 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 557
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 6 KB
3 KB 72ms
23ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.16.1 / PHP/7.1.28
Resource Hash: 240f2fa6d9c547702519223d888610d5517255aa52ad0c04d86f0ec6d0ab76d6

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.1.28
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 30 May 2021 21:38:41 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 build.js Show response
script.clickadilla.com/banner-admanager/ 43 KB
44 KB 90ms
24ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.clickadilla.com/banner-admanager/build.js
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 068691e9b48173f74bf194cf9aa42b9afc1ca76c22b995d697930dee2d24bc7a

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
last-modified: Tue, 25 May 2021 16:22:58 GMT
server: nginx/1.12.2
etag: "60ad2462-ad85"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 44421
x-proxy-cache: HIT

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
68 KB 31ms
29ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/a38e0e0ce56e7c0101eaca269533bc36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 601955
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a6099223c00001f35a10f0000000001
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YeEEGVecAHGdhT8xxEtRsCiQLgopUeh5oxwF6MlwyQFt5Hhzx9GJ6omNWbCuKE7%2F4KmhOVKH5jWMB%2FGFOFLWXdgBXEH2v4Ex4Rfj%2BumHXw3C63G%2B59L5ga4fjugq9a7C%2BOIzLVKs38fA%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 657ac47d28a61f35-FRA
expires: Sun, 23 May 2021 21:56:06 GMT

GET
H2 200 prebid-v4.38.0.js Show response
assets.vlitag.com/prebid/default/ 411 KB
117 KB 61ms
60ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/a38e0e0ce56e7c0101eaca269533bc36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58694600a9bb19ab424e8752ab649f1365563963d2541becd627f15045a107aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1768403
cf-polished: origSize=421400
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a6099224100001f35cf1fe000000001
x-robots-tag: noindex, nofollow
last-modified: Mon, 10 May 2021 09:25:11 GMT
server: cloudflare
etag: W/"6098fbf7-66e18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ve2byiyx5373ambrHk445wdiB3Uncux617bkWogAM4plYecHMYgMLGArloOE50nv5C6cCVsFMDeRRnmrPbQ7OjW9go6ENAfjs9hCQ5LiAkCTdvExz%2BXCKEwWOet4ueUq9xnYyv6CrQU5eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 657ac47d28ab1f35-FRA
expires: Mon, 10 May 2021 09:55:18 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/a38e0e0ce56e7c0101eaca269533bc36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "888 / 927 of 1000 / last-modified: 1622153345"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21426
x-xss-protection: 0
expires: Sun, 30 May 2021 20:38:41 GMT

GET
H2 200 viPlayer_v42.min.js Show response
assets.vlitag.com/plugins/vlPlayer/ 13 KB
5 KB 22ms
21ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v42.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/a38e0e0ce56e7c0101eaca269533bc36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 603407
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a6099223f00001f359d999000000001
x-robots-tag: noindex, nofollow
last-modified: Thu, 26 Nov 2020 03:46:23 GMT
server: cloudflare
etag: W/"5fbf250f-33d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wCCulhzEaPoelKWLZzYOx3AfEi2Vivmkd2C%2B2r4562ePm2yEjunG4qPo5fXqYkZAjotiCmJqfhJVahPhOh3CW0HyKMYr3YyVGuQ01OY6jqXePm16NNBARw2Md08n93tNmAU0q3%2BlMN8eAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 657ac47d28b21f35-FRA
expires: Sun, 23 May 2021 21:31:54 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 337 KB
116 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/a38e0e0ce56e7c0101eaca269533bc36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be3b48dbe04f652fba8973decb94e84bf9e06fd3b0d0beddfe8859d11ccd7576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117995
x-xss-protection: 0
expires: Sun, 30 May 2021 20:38:41 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
16 KB 26ms
26ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622364808/a38e0e0ce56e7c0101eaca269533bc36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 603407
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a6099223e00001f358f9dd000000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
etag: W/"5dbbbcf2-9806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=C4AwtYQYu%2B14ZIvLl8hidFfW8JQszwYWlPYFZv2rFN4pmdyoa6QW7LG0WbRnJyCMdCDmQUCwD4yfV3EDHvAn5ISbjy3Wy%2Fofhrdk7NNY7wXHhhdq1dr%2BTgWgi2gGjjd%2Fjc6g6ugckOLWzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 657ac47d28b41f35-FRA
expires: Sun, 23 May 2021 21:31:54 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-57662958-1&cid=1321959722.1622407121&jid=2132988358&gjid=1660634904&_gid=128070557.1622407121&_u=YEBAAUAAAAAAAC~&z=46170942

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 30 May 2021 20:38:41 GMT
content-type: text/plain
access-control-allow-origin: https://subdl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 result Show response
subdl.com/cdn-cgi/bm/cv/ 0
743 B 16ms
15ms XHR
text/plain 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subdl.com/cdn-cgi/bm/cv/result?req_id=657ac4754b2d178a
Requested by: Host: subdl.com
URL: https://subdl.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://subdl.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b; _ga=GA1.2.1321959722.1622407121; _gid=GA1.2.128070557.1622407121; _gat_gtag_UA_57662958_1=1; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1622414321448}
content-length: 424
:path: /cdn-cgi/bm/cv/result?req_id=657ac4754b2d178a
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: subdl.com
referer: https://subdl.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=K0PtmuQp1MYcyv0f%2BpIj07AvcPOHd7HGCDRfiUzkguWKD5P%2FxFH4WMAJfjwXlLm6%2FLC5q%2F%2B83YDFocVH90cZ0I5MbcIDov6MtxLOvJ%2FYBojIcz40rQT9RPw%2F5FV8Y1ro6gR8"}],"group":"cf-nel","max_age":604800}
set-cookie: __cf_bm=1e6fe5b21c97214372819dd2c1c1cf68036b1849-1622407121-1800-AWmrrHUT8TEgVNx3a6yMOsCw85b3gI4t4xaWB+DzfL/+BIZer02j6LFx5WBGwa5x6roau10Aq+IwQI9Mz2Am1CKivpw3k9kLFAkAs4z8cOfRvAGVjssI8FM31wQmybBnkvBXz3X6HBdGszV05Uod0H4=; path=/; expires=Sun, 30-May-21 21:08:41 GMT; domain=.subdl.com; HttpOnly; Secure; SameSite=None
cf-ray: 657ac47d7a301f29-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a6099226900001f29dd395000000001

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-57662958-1&cid=1321959722.1622407121&jid=2132988358&_u=YEBAAUAAAAAAAC~&z=767583388

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 20:38:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-57662958-1&cid=1321959722.1622407121&jid=2132988358&_u=YEBAAUAAAAAAAC~&z=767583388

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 20:38:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021052401.js Show response
securepubads.g.doubleclick.net/gpt/ 309 KB
109 KB 93ms
34ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 May 2021 08:37:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110966
x-xss-protection: 0
expires: Sun, 30 May 2021 20:38:41 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 20ms
6ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210530

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3147f8a14b0c4402290dc9371bfff77f6de623094fb85de0f6e61ad9f610d90c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 20246
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 957
etag: W/"69a-F6y50PVc7OFRY2XKh1tI2OZc9cM"
x-served-by: cache-fra19145-FRA, cache-hhn4025-HHN
date: Sun, 30 May 2021 20:38:41 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
logs.vlitag.com/sub/ 0
352 B 135ms
134ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs.vlitag.com/sub/?d=subdl.com&h=subdl.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yvnPT2LVXHzPOih87dIj2PsUZNujR1hNrcZRfexLP%2B9d6Og9BT4TTDXKgx8ArY4qJIHziNm2p%2FGUbi9Ft%2F74pE8PDI4E7ImuxIMDewsvINW9zQPmJ7Pah3i2Pl%2BQ8D4LE0hlZgFZUcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 657ac47e1a431f35-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 0a609922ca00001f35e6820000000001

GET
H3-29 200 1596163502.jpg
assets.vlitag.com/widget/2020/07/30/ 104 KB
105 KB 38ms
26ms Image
image/webp 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 346097
cf-polished: qual=85, origFmt=jpeg, origSize=140376
content-disposition: inline; filename="1596163502.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 106784
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Fri, 31 Jul 2020 02:45:02 GMT
server: cloudflare
etag: "5f2385ae-22458"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7YIRAsWUpZ5L0SPGuv80uh9vyUe6PrVFt8Y%2Fisi6TWJ7trauURqage8y1pvGSj3w2dLmjzDWp1x07ebglup5lGC4Mku8TQBfg%2ByZdf5erCBOp1MqehTLDHBbnw750uUA%2Fp%2FfzJax1MJwZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 26 May 2021 21:00:24 GMT
cache-control: max-age=16070400
cf-request-id: 0a609922dd00004e314b89b000000001
accept-ranges: bytes
cf-ray: 657ac47e2b494e31-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://subdl.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 327309
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 27 May 2022 01:43:32 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
540 B 86ms
28ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/4249383

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9215fc34631289f9f16383c00a9f3db148b90668b008f3bfd1781e4bff26cb7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://subdl.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3-29

206

videoplayback
r1---sn-4g5ednly.googlevideo.com/
Redirect Chain

https://media.vlitag.com/vid/?id=QfsviWpOGno&t=y
https://redirector.googlevideo.com/videoplayback?expire=1622427283&ei=M_KzYKP0M7f3xN8P37uzqA4&ip=52.214.224.26&id=o-AHD7QQgQpdQOZclmArrOvu_HL-qim-Qjy6_HBfz81bOF&itag=22&source=youtube&requiressl=ye...
https://r1---sn-4g5ednly.googlevideo.com/videoplayback?expire=1622427283&ei=M_KzYKP0M7f3xN8P37uzqA4&ip=52.214.224.26&id=o-AHD7QQgQpdQOZclmArrOvu_HL-qim-Qjy6_HBfz81bOF&itag=22&source=youtube&require...

391 KB
0

16ms
7ms

Media
video/mp4

2a00:1450:4001:67::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5ednly.googlevideo.com/videoplayback?expire=1622427283&ei=M_KzYKP0M7f3xN8P37uzqA4&ip=52.214.224.26&id=o-AHD7QQgQpdQOZclmArrOvu_HL-qim-Qjy6_HBfz81bOF&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=oExMHvWRGujQYexdVBmrhEgF&cnr=14&ratebypass=yes&dur=645.468&lmt=1586201275978936&fexp=24001373%2C24007246&c=WEB&txp=5535432&n=isTdOGUjkrwFQZ65&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgB1m-Czf9ejEnQCEMME1SV9vkwTC7JYJSnB8Yyb2rsRcCIQCk12mgXf9UEBKZukojZrJPYw_HR_YLxHpue_jt4Lmm2g%3D%3D&cms_redirect=yes&mh=oq&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednly&ms=au&mt=1622406765&mv=m&mvi=1&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMLw8W1XtxkJ8Sy3q0KrThLfiIFOYh6gCiuzXOMHKMZUAiEAjVS5SkbN7mSAbLCff3ePvZYypCv45DxaEVnR2EX7bZM%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:67::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Apr 2020 19:27:55 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-60217550/60217551
client-protocol: quic
cache-control: private, max-age=19862
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 60217551
expires: Sun, 30 May 2021 20:38:41 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 20:38:41 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-4g5ednly.googlevideo.com/videoplayback?expire=1622427283&ei=M_KzYKP0M7f3xN8P37uzqA4&ip=52.214.224.26&id=o-AHD7QQgQpdQOZclmArrOvu_HL-qim-Qjy6_HBfz81bOF&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=oExMHvWRGujQYexdVBmrhEgF&cnr=14&ratebypass=yes&dur=645.468&lmt=1586201275978936&fexp=24001373%2C24007246&c=WEB&txp=5535432&n=isTdOGUjkrwFQZ65&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgB1m-Czf9ejEnQCEMME1SV9vkwTC7JYJSnB8Yyb2rsRcCIQCk12mgXf9UEBKZukojZrJPYw_HR_YLxHpue_jt4Lmm2g%3D%3D&cms_redirect=yes&mh=oq&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednly&ms=au&mt=1622406765&mv=m&mvi=1&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMLw8W1XtxkJ8Sy3q0KrThLfiIFOYh6gCiuzXOMHKMZUAiEAjVS5SkbN7mSAbLCff3ePvZYypCv45DxaEVnR2EX7bZM%3D
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1169
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4249383 Show response
in-page-push.com/500/ 4 KB
3 KB 30ms
29ms XHR
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/500/4249383?excludes=&oaid=3fb74390fa044886a28f74f20142ffe0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=https%3A%2F%2Fsubdl.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/4249383

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

49dc778964fc56eb336f016c06bb3495f04e3361df58f983dd18c4c953fdd193

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 78b83160c3b6f0d283dc4ab5286c32f0
pragma: no-cache
date: Sun, 30 May 2021 20:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://subdl.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 4249383
in-page-push.com/500/ Frame 0
0 130ms
77ms Preflight 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://subdl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 30 May 2021 20:38:37 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://subdl.com
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H/1.1 200
OK 0987259079146.png
static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/ 3 KB
4 KB 121ms
30ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/0987259079146.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c82db013fed13514116da0fca58e0a4ee83721d82a892d7ddab12cf2461aa2b0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 20:38:42 GMT
Last-Modified: Thu, 15 Oct 2020 16:08:39 GMT
Server: nginx
ETag: "5f887407-c2f"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 3119

GET
H2 200 iLgpJiniytefyNsTgPE8l8xS42Hnw1oEAm4qVh1ZHAGRTff6p_CP0xBlR5Q4-XygXcX2h4wy9Qo0VJcA9EArtaM430acw-2fA90NryDzLp-pev6w9l2ixK4pu6TxErWK6KgT5tPF1FlXPKyQUmymn3MQibc9MuFWKZIPNDaguSCyDftWSM22UPa8JGmj04z5hRhX0...
forzubatr.com/impression/ 43 B
326 B 89ms
28ms Image
image/gif 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forzubatr.com/impression/iLgpJiniytefyNsTgPE8l8xS42Hnw1oEAm4qVh1ZHAGRTff6p_CP0xBlR5Q4-XygXcX2h4wy9Qo0VJcA9EArtaM430acw-2fA90NryDzLp-pev6w9l2ixK4pu6TxErWK6KgT5tPF1FlXPKyQUmymn3MQibc9MuFWKZIPNDaguSCyDftWSM22UPa8JGmj04z5hRhX0lDFW7iqag1I4MGBl6bF-hsT_HgW1HfRyz4O8jzQWSskQfgmAr3Nji8ggrUdpbXeqbX4f-aL8PU3wdoJ9ttpA_4q0FXDfFXdY-z3fSSQmkuCqHzHx6T5K2EmL7mbCfQ-njUEBasR9l_qlqgJBNvHCU22BGxETy8GpvYLhQcI7o-FkjfVP8uvSjo-A1KcNptdrHrw9ogxr8M9tU-7IpU-sfMASF2gwGoK8qDm2H8P4b4wCcIgQ4LPUlDOQP0TAsjLSRvr0g9NKtgMZUO6I63dPqsln8t6ouirRY6usliXH7VHqHUwqo5tQIU-25JlFq0DL3or9lvRvOsrlTx59Z1nFwMBA-L4Mg6D8L-SfYYukcD5pKtZ6OKkJKrkrLj9IzUKG_q43uuMlAwW-35zgl2yU4bLO33AGna1RkQE7-7iTBIHd5R89geb0EXOAGEbaQBCnVQzDCwraWa2tp5QUoVtN9sxzlktLnlnDLeADur5vIGzbhMOWBDC2qDKg3I3rXkRGw==?z=4249383&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=https%3A%2F%2Fsubdl.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 0627aa06badc590f284d62cb991a80e8
pragma: no-cache
date: Sun, 30 May 2021 20:38:42 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 4249383 Show response
in-page-push.com/500/ 1 KB
1 KB 30ms
30ms XHR
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/500/4249383?excludes=8093040&oaid=3fb74390fa044886a28f74f20142ffe0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fsubdl.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/4249383

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

361472c6e961367391bd6afce98b88e0ad898754714697c8c2f8cdfb2030f106

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: d2778c45df23ce2ec6339b8f4feeb286
pragma: no-cache
date: Sun, 30 May 2021 20:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://subdl.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 4249383
in-page-push.com/500/ Frame 0
0 27ms
26ms Preflight 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://subdl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 30 May 2021 20:38:38 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://subdl.com
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H/1.1 200
OK 0987259079146.png
static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/ Frame 030A 3 KB
4 KB 28ms
28ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/0987259079146.png
Requested by: Host: in-page-push.com
URL: https://in-page-push.com/400/4249383
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c82db013fed13514116da0fca58e0a4ee83721d82a892d7ddab12cf2461aa2b0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 20:38:42 GMT
Last-Modified: Thu, 15 Oct 2020 16:08:39 GMT
Server: nginx
ETag: "5f887407-c2f"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 3119

GET
H/1.1 200
OK 0809963022804.png
static.cdnativepush.com/contents/s/d9/f0/1e/cfb5aecc1eb938157da864a923/ 3 KB
4 KB 28ms
28ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/d9/f0/1e/cfb5aecc1eb938157da864a923/0809963022804.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 29f293142b202afb2cc5a3ffaf273b8579d619481adbff6e08f4ca7830599650

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 20:38:42 GMT
Last-Modified: Mon, 26 Oct 2020 16:18:06 GMT
Server: nginx
ETag: "5f96f6be-c33"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 3123

POST
H3-29 503 save_some.php Show response
subdl.com/ 10 KB
10 KB 23ms
22ms XHR
text/html 2606:4700:3031::ac43:dd65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://subdl.com/save_some.php?pos=footer

Requested by

Host: subdl.com
URL: https://subdl.com/js/jquery-2.1.0.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:dd65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1ad46afb5222d60cb852eff703d03cc19fdf3f8b72f822b28dce42c369b454e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://subdl.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: PHPSESSID=cdf569482eaeb0c73b3f420d637a3d9b; _ga=GA1.2.1321959722.1622407121; _gid=GA1.2.128070557.1622407121; _gat_gtag_UA_57662958_1=1; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1622414321448}; __cf_bm=1e6fe5b21c97214372819dd2c1c1cf68036b1849-1622407121-1800-AWmrrHUT8TEgVNx3a6yMOsCw85b3gI4t4xaWB+DzfL/+BIZer02j6LFx5WBGwa5x6roau10Aq+IwQI9Mz2Am1CKivpw3k9kLFAkAs4z8cOfRvAGVjssI8FM31wQmybBnkvBXz3X6HBdGszV05Uod0H4=
content-length: 64
:path: /save_some.php?pos=footer
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: subdl.com
referer: https://subdl.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://subdl.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 30 May 2021 20:38:42 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JmDJ4GxbaSvvha8BlFhI%2BO7mGheHXFtO7mYRugzKwVsYsB5HQtgFSfkID8rmfFZLyAKkQqwOjsNRiG81zcbB%2BPEku4MhFKMk2V3c7kv3dchYaEELU5LnCRWeZIIJHoYxdb3J"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 657ac484cfe91f29-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a609926f900001f29afb4b000000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 100ms
37ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subdl.com
date: Sun, 30 May 2021 20:38:44 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 610 B
1002 B 150ms
88ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

eb70b93032fd0245c69ed84d9ed40b186b48b9d3cf4949e44332d7ff7837e697

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 30 May 2021 20:38:44 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 89.40.183.214; 89.40.183.214; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com; 185.33.220.234:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: da04ef5f-f272-45e5-99a2-14d0b574502c
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://subdl.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/subdl.com/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2c995/1/subdl.com/ROS?rnd=0.23958709546642276&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3...
https://ads.us.e-planning.net/hb/1/2c995/1/subdl.com/ROS?ct=1&rnd=0.23958709546642276&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=ht...

483 B
894 B

32ms
31ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/subdl.com/ROS?ct=1&rnd=0.23958709546642276&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsubdl.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fsubdl.com%2F&gdpr=1&gdprcs=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: efb45127d9af4090730e9c5a05d0ac3753d821e722d9e99b5faa406f198cba4a

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:44 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://subdl.com
expires: Sun, 30 May 2021 20:38:44 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 483
x-sid: AMS-739

Redirect headers

date: Sun, 30 May 2021 20:38:44 GMT
server: openresty
access-control-allow-origin: https://subdl.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/subdl.com/ROS?ct=1&rnd=0.23958709546642276&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsubdl.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fsubdl.com%2F&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-739

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
362 B 320ms
123ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subdl.com
date: Sun, 30 May 2021 20:38:44 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 25
vary: origin

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
647 B 164ms
144ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 May 2021 20:38:44 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://subdl.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cG%2Bl8pGAAGKz2%2BJq0HFzp1132TsUYXeLE0xae5J%2Fqv%2B5fURR4xn4q90meamBBn8k94E9UEnsTXBD6f1%2FapzJRSGFS6C3tTW6akmzkqOQ%2FQSL956E%2F4NTzdFTQXapql7Ak3ozYF6ipKTOOhtctw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 657ac4911d2f2b22-FRA
cf-request-id: 0a60992eb500002b2277a7b000000001

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
139 B 55ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=40213771615
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://subdl.com
date: Sun, 30 May 2021 20:38:43 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H3-29 200 vi-logo.svg
assets.vlitag.com/media/icon/ 11 KB
3 KB 13ms
12ms Image
image/svg+xml 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/media/icon/vi-logo.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1431398
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a60992fe500004e310bb14000000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
etag: W/"5dbbbcf1-2c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PYWljygW6NGKJ89eEzjgdrabKHNjZpQbQik7YFRGU9XXsTjy%2B%2BCCooyteCVxNfvONzLm3NbPOtPc1YFtRnQCeMcm54lMGP0d3H0CYuyXXmvN13BYkCUVWw2EsYAnO%2BAnIjv9%2FBeV6YiWPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 657ac4930da34e31-FRA

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 579ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:47 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 31 May 2021 20:38:47 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 56ED 0
326 B 68ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=subdl.com&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=subdl.com&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subdl.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1678
set-cookie: uid=0a7b7790-bfca-404b-93f3-feff8d07fac1; expires=Mon, 30 May 2022 20:38:46 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sun, 30 May 2021 20:38:46 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 55ms
27ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:47 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 31 May 2021 20:38:47 GMT

GET
H2 200 WN35KjCsVa--EIL2Nw0qUglkpvRJdNGforLXYfesmZl8BHWPVoPrhCFFXJWnq9G29CkRkeTGBlF0sKXJZ2xCEGRJl62nUEfZGlLkoGKJ-34ZhijAxx5pxM4bwyumQk_HxNrC1Si7sSBhG-u2m-gSgHmQmGjjT3pZ7eNtQ5SgANMV4vbz98nrLO9GuPX75JnDi3pNA...
forzubatr.com/impression/ 43 B
325 B 27ms
27ms Image
image/gif 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forzubatr.com/impression/WN35KjCsVa--EIL2Nw0qUglkpvRJdNGforLXYfesmZl8BHWPVoPrhCFFXJWnq9G29CkRkeTGBlF0sKXJZ2xCEGRJl62nUEfZGlLkoGKJ-34ZhijAxx5pxM4bwyumQk_HxNrC1Si7sSBhG-u2m-gSgHmQmGjjT3pZ7eNtQ5SgANMV4vbz98nrLO9GuPX75JnDi3pNAfOWHV7rTyIvLIjCDhHaWMIQUEIqO2GuskJZ7-jamvR3WzPZqdq-Y399kxIj2jEEBSIqRTM4HVyl92X_rr1dSkkzFHzJj8THRoL8PKQyHfJtwNNJmsJ9UARgKVK2T07ti9-UKtSp4J54zqiiwczVMFCSFubxwN5wkFrlFSDcc2jiJZIj1JWKJZONGlgkS6x0QgAyRo_JUHV4vfW9j9JSf7XKT4auFX2n3PJJgmVsC5w615MjasGS7b60kfTuIT580kB0seuld2WkkEiCE6iUi0V5C3l54V_fjmmk-yCl3iA6dVgIqZPFDhB--3GPhThfebSHb1O7J5EtxDowqYdgfNWIANkvWi0mzAIgW53Z2UAyPWO4EWVqEqiqdP6ZgSgMHJd_IQQ8lg-WQHLRZF-02uM=?z=4249383&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fsubdl.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: b8c03d1b28ffea65a77fca907b8ca9bd
pragma: no-cache
date: Sun, 30 May 2021 20:38:47 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 0809963022804.png
static.cdnativepush.com/contents/s/d9/f0/1e/cfb5aecc1eb938157da864a923/ Frame 030A 3 KB
4 KB 29ms
29ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/d9/f0/1e/cfb5aecc1eb938157da864a923/0809963022804.png
Requested by: Host: in-page-push.com
URL: https://in-page-push.com/400/4249383
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 29f293142b202afb2cc5a3ffaf273b8579d619481adbff6e08f4ca7830599650

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 20:38:47 GMT
Last-Modified: Mon, 26 Oct 2020 16:18:06 GMT
Server: nginx
ETag: "5f96f6be-c33"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 3123

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame A484 4 KB
1 KB 129ms
128ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea836eb35570831dcf025e8395371d165576a46808b5c1d3f0b1ed347820a631

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subdl.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=46eecd89-6bbe-4b5a-9ed9-5842bedc5bcd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subdl.com/

Response headers

date: Sun, 30 May 2021 20:38:48 GMT
content-type: text/html
set-cookie: uid=46eecd89-6bbe-4b5a-9ed9-5842bedc5bcd; expires=Sat, 19 Jun 2021 20:38:48 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0a60993ba000002b22948c8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=R3iLspdWgjw6JGUVkc5w6heZjQP%2Bth3DSXUBH63YsMve5yeGDSNTCoVKPd5%2BzfK9%2BBL3pk4j0GFZ0nP18UmsNRCpSZmkt0HkvPoGjLg1UWmcRfEBkqSRYs17cwUs7vsftw3ncCkH9D1%2B4ws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 657ac4a5cc3c2b22-FRA
content-encoding: br

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D0d5e0f8d9d0f712c%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D0d5e0f8d9d0f712c%26uid%3D%24UID&sovrn_retry=true
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=0d5e0f8d9d0f712c&uid=2a6e21f1f1feec3d5e78e2de

42 B
104 B

310ms
22ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=0d5e0f8d9d0f712c&uid=2a6e21f1f1feec3d5e78e2de
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://subdl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:48 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Sun, 30 May 2021 20:38:48 GMT
Server: nginx
Location: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=0d5e0f8d9d0f712c&uid=2a6e21f1f1feec3d5e78e2de
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame A484 0
474 B 322ms
27ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 20:38:48 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame A484
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-H4TdCjJE2uGzYJRCgn3G6lw2lsa4n.wPkxXOfho-~A

43 B
348 B

247ms
246ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-H4TdCjJE2uGzYJRCgn3G6lw2lsa4n.wPkxXOfho-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:48 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=usUBsJy7FGKFHKMe%2F3ZyDyfquXqXnQMRgXDR9hT%2FKSB9SUI9aYT2T84UEYaDSYnLqIXhEDJaAhdGvWDmnlzBd06vtYwkNHaU8%2B04MxbmPD7QZdC3dHTn%2FkUL%2BkEntnfpXSomypM8lPx4Tw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657ac4a8ba9e2b22-FRA
content-length: 43
cf-request-id: 0a60993d7400002b22b71a7000000001

Redirect headers

Date: Sun, 30 May 2021 20:38:48 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-H4TdCjJE2uGzYJRCgn3G6lw2lsa4n.wPkxXOfho-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame A484
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=613188922150500133

43 B
341 B

249ms
249ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=613188922150500133
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:48 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Rl4slKfSeQlRLo6T0ZGX8bptbOF24ziUwr%2BrMFInJLyP9TrFsf9C%2FiI02XP4Oshz7FNhBlpXdG6RNELUiRlP5uxBUDm78aCUdNMcoxWJMmA9ZhvnineKXkq0spOyRuJH6qvUd9kcEqbSnLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657ac4a8ba8b2b22-FRA
content-length: 43
cf-request-id: 0a60993d7600002b22cd90c000000001

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 20:38:48 GMT
X-Proxy-Origin: 89.40.183.214; 89.40.183.214; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.245:80
AN-X-Request-Uuid: 8cc92d1e-b431-46fe-a0c5-cf1154445a59
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=613188922150500133
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame A484
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-e2a5176a-6504-4abd-878e-780c6b980417

43 B
480 B

133ms
133ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-e2a5176a-6504-4abd-878e-780c6b980417
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:48 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6F7gLxaN%2Be31F9I3oOYilJZoqjMDvFRF%2FJJ9g8PByTs8Arl4kcm41%2FNCNB2yHHibxarL2j3FIraVrTFEaAvk9PERzTxQyeZCUzePuAFebaAxoZD9vwGHIG7wbvzhyIMub6vzftH8BOzfVvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657ac4a8eb052b22-FRA
content-length: 43
cf-request-id: 0a60993d9200002b2279a64000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-e2a5176a-6504-4abd-878e-780c6b980417
date: Sun, 30 May 2021 20:38:48 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame A484
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=613188922150500133

43 B
370 B

247ms
246ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=613188922150500133
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:48 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=s1PKzF9H70pCL1mbtUIv74tWtw%2BmqC2I4WFTskCzaXiAQXWDT%2FHdsApaNYN3znS02KBNk%2Fd1VBKK3%2BAQKVVHukWJaN8vNBGPuAZtS5ndJZ9ihLeVKhwwzWgIdUe4k3o%2FEF2Fx%2BaMTywk1Yo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657ac4a8ba932b22-FRA
content-length: 43
cf-request-id: 0a60993d7000002b22c828f000000001

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 20:38:48 GMT
X-Proxy-Origin: 89.40.183.214; 89.40.183.214; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.89:80
AN-X-Request-Uuid: 87fdf10f-1064-4a4b-91a7-748061a28bed
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=613188922150500133
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame A484
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2a6e21f1f1feec3d5e78e2de

43 B
357 B

131ms
131ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2a6e21f1f1feec3d5e78e2de
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:48 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G4FoImAIrANBnXrbAOjCxEJLAoRS9XUHSpJvJ84qYPr%2FRotKIg%2B3DswsbtVT%2FjLQ%2FuF5PhPnxZAsrrymtBT%2FUlJQn17qrHTdBQouMqQ9s7IUlkMgym9x1Bu39C5F%2FFF8Be5007G3cxDS2mA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657ac4a6de752b22-FRA
content-length: 43
cf-request-id: 0a60993c4800002b22d1aba000000001

Redirect headers

Date: Sun, 30 May 2021 20:38:48 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2a6e21f1f1feec3d5e78e2de
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame A484
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3Ddcc12d3d-b270-42aa-9dc6-a28444534e49%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%253FA%253Ddcc12d3d-b270-42aa-9dc6-a28444534e49%2526bidder%253Dappnexus%2526cbx%253DaHR0cHM6Ly9zeW5jLnF1Y...
https://prebid.a-mo.net/cchain/0?A=dcc12d3d-b270-42aa-9dc6-a28444534e49&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=613188922150500133
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3Ddcc12d3d-b270-42aa-9dc6-a28444534e49%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlc...
https://prebid.a-mo.net/cchain/1?A=dcc12d3d-b270-42aa-9dc6-a28444534e49&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=2a6e21f1f1feec3d5e78e2de
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3Ddcc12d3d-b270-42aa-9dc6-a28444534e49%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW...
https://prebid.a-mo.net/cchain/2?A=dcc12d3d-b270-42aa-9dc6-a28444534e49&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YLP32J7peXgTXanbUtUQwgAA%...
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Ddcc12d3d-b270-42aa-9dc6-a28444534e49%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZ...
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3Ddcc12d3d-b270-42aa-9dc6-a28444534e49%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW5...
https://prebid.a-mo.net/cchain/3?A=dcc12d3d-b270-42aa-9dc6-a28444534e49&bidder=pubmatic&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=dcc12d3d-b270-42aa-9dc6-a28444534e49

43 B
364 B

132ms
132ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=dcc12d3d-b270-42aa-9dc6-a28444534e49
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:49 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=z4MN2kPqOwx258Lelds1sV8iU8KJBKGYWHILJaSdQM2k92i%2BcqrmgvmUW7ZpNTXzG5oQp%2F8guwSYhUd2hSC4JORkc7RRrtYlZCVSUB0waxwLsVjg9vdB%2BaD1cImaz1mo3IoaxTX7sjl%2F01I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657ac4ad0bf62b22-FRA
content-length: 43
cf-request-id: 0a6099402c00002b22bd0ef000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=dcc12d3d-b270-42aa-9dc6-a28444534e49
date: Sun, 30 May 2021 20:38:48 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame A484
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=af33530c-5666-4b0c-bec9-ab04335f60b9

43 B
345 B

136ms
136ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=af33530c-5666-4b0c-bec9-ab04335f60b9
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:48 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tTjRA2enJ4Cemrz5accQnloJqCyWWf3%2BRwthhOjYIBZC4aqoAs7yMkmVx3mGIPWtp8vunfCZ1kkbY7d8m0E69O6J%2BKTYH%2F8o5U11%2FhAPRGK%2Fw4pXPRFfakhmmnM5s6IU8qhRO6QQcXDzFCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657ac4a77fd32b22-FRA
content-length: 43
cf-request-id: 0a60993cab00002b22c4319000000001

Redirect headers

date: Sun, 30 May 2021 20:38:48 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4uLqSJATS5gcTTQNK40mcUuUvkbUg71Z9EPW593g33G8KZv0Uhb3YUaijVJHadCOJwiFSNikY%2F51u3RkDbgslYmsjlqckZByn5SvkTRN%2BazbHhxfAnuhIcxygCXXWVHGyyot%2FwYpYBxC"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=af33530c-5666-4b0c-bec9-ab04335f60b9
cf-ray: 657ac4a6be2a2b22-FRA
content-length: 0
cf-request-id: 0a60993c3200002b22ca978000000001

GET
H2

200

setuid
sync.quantumdex.io/ Frame A484
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP093165c4-c187-11eb-b90d-062e6c792732
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP093165c4-c187-11eb-b90d-062e6c792732

43 B
341 B

129ms
129ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP093165c4-c187-11eb-b90d-062e6c792732
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:48 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=a%2F4PUp7qAXvGTlgCbznkHkPeJy5L4fQEMr8l7IUCHVa2joU0LgEwTwdSKoEqf4VpffWiwsvBIMY1OEICIELAzvPL1VeAqgl9VOkh1YMsUEidP%2BtsRFScCAqm9Kx07pvK4dMu03c4yDaPMvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657ac4a8eb022b22-FRA
content-length: 43
cf-request-id: 0a60993d9200002b2297a01000000001

Redirect headers

Date: Sun, 30 May 2021 20:38:48 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP093165c4-c187-11eb-b90d-062e6c792732
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame A484
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=613188922150500133

43 B
344 B

133ms
133ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=613188922150500133
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:48 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YDiY%2BIeGPmuA5xnBUyznCdeM0bCe7ra5XNUYfbmtJUbSB2uB%2BKe9ZklPKHiHGZZlUnoDDeglVAo9i%2FmCicXc4%2FyGRtft3DhUp1iLkh94GSQwJj0NyNV1rirA%2BboJF05ZgXFY2fFEAQF7doE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657ac4a8ba8e2b22-FRA
content-length: 43
cf-request-id: 0a60993d7300002b225eab1000000001

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 20:38:48 GMT
X-Proxy-Origin: 89.40.183.214; 89.40.183.214; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.196:80
AN-X-Request-Uuid: a744d3bd-0bae-48af-b467-1f13054bc5ad
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=613188922150500133
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame A484
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=6f3c9b99-ced3-5196-9610-de03f6a329db

43 B
353 B

250ms
250ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=6f3c9b99-ced3-5196-9610-de03f6a329db
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:48 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=z0pp4eC19btbi7SAwjK0VJdjn2CgOHsc0hBsnj%2FK9JMSkoMkc3XmDw2JSu6kmxXcwe75NKN5hTHIv3MbxdK5hM%2Fvgr8pJSCR2iL0G8TN7Nd3k7eTMABmAEjQMIyweGvyUYcYVqhZU9wa%2BJg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657ac4a92b9d2b22-FRA
content-length: 43
cf-request-id: 0a60993db700002b22bf176000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=6f3c9b99-ced3-5196-9610-de03f6a329db
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame A10F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

99ms
98ms

Document
text/html

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ada04fb27b7c30ac9db7aa926cc05e9d2abbf28b0851372dcb3ee126993841ae

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YLP32J7peXgTXanbUtUQwgAA; CMPS=5155
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|230|241|45|65|190|81|41
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1734
Expires: Sun, 30 May 2021 20:38:48 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 May 2021 20:38:48 GMT
Connection: keep-alive
Set-Cookie: CMID=YLP32J7peXgTXanbUtUQwgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 20:38:48 GMT CMPS=5155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 20:38:48 GMT CMPRO=1150;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 20:38:48 GMT CMRUM3=2760b3f7d80b40&2d60b3f7d805a0&4160b3f7d805a0&5160b3f7d805a0&2960b3f7d805a00&be60b3f7d805a0&e660b3f7d82760&f160b3f7d805a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 20:38:48 GMT CMST=YLP32GCz99gA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 31 May 2021 20:38:48 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sun, 30 May 2021 20:38:48 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 May 2021 20:38:48 GMT
Connection: keep-alive
Set-Cookie: CMID=YLP32J7peXgTXanbUtUQwgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 20:38:48 GMT CMPS=5155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 20:38:48 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame EAB2 43 B
555 B 313ms
26ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Sun, 30 May 2021 20:38:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YLP32; path=/; domain=.go.sonobi.com

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 73A0 8 KB
3 KB 296ms
34ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Wed, 21 Oct 2020 18:57:29 GMT
etag: "1300708-1f78-5b232eb4914bb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2654
content-type: text/html; charset=UTF-8
cache-control: max-age=100370
expires: Tue, 01 Jun 2021 00:31:38 GMT
date: Sun, 30 May 2021 20:38:48 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E71D 2 KB
818 B 284ms
25ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame D0A6 0
0 363ms
106ms Document
text/plain 208.100.17.173
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.173 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip173.208-100-17.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

x-33x-status: 2000208
server: 33XP005
date: Sun, 30 May 2021 20:38:48 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 433E 38 KB
14 KB 34ms
34ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=168628
expires: Tue, 01 Jun 2021 19:29:16 GMT
date: Sun, 30 May 2021 20:38:48 GMT
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 433E 0
42 B 70ms
22ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79834779&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:48 GMT
content-length: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame A10F 70 B
265 B 102ms
33ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YLP32J7peXgTXanbUtUQwgAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 20:38:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame A10F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLP32J7peXgTXanbUtUQwgAABH4AAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLP32J7peXgTXanbUtUQwgAABH4AAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDFeMBm9JMWGWsY2L6zpFEc&google_cver=1

43 B
315 B

47ms
47ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDFeMBm9JMWGWsY2L6zpFEc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 20:38:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 30 May 2021 20:38:48 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 20:38:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDFeMBm9JMWGWsY2L6zpFEc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame A10F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLP32J7peXgTXanbUtUQwgAABH4AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLP32J7peXgTXanbUtUQwgAABH4AAAIB&dcc=t

43 B
433 B

97ms
97ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLP32J7peXgTXanbUtUQwgAABH4AAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 20:38:48 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 20:38:48 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLP32J7peXgTXanbUtUQwgAABH4AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A10F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLP32J7peXgTXanbUtUQwgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPrplPEYtNOouKa09KZ1j5I&google_cver=1&gdpr=1

43 B
1 KB

50ms
50ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPrplPEYtNOouKa09KZ1j5I&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 20:38:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 May 2021 20:38:48 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 20:38:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPrplPEYtNOouKa09KZ1j5I&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame A10F
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622493528&gdpr=1

43 B
315 B

134ms
64ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622493528&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 20:38:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 30 May 2021 20:38:48 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622493528&gdpr=1
pragma: no-cache
date: Sun, 30 May 2021 20:38:48 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame A10F 0
0 65ms
62ms Image
text/html 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A10F
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=oPXrgPDy7Yu7_LmFr6ekgfensNC7o72B8v10iLD7

43 B
1013 B

117ms
49ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=oPXrgPDy7Yu7_LmFr6ekgfensNC7o72B8v10iLD7
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 20:38:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 May 2021 20:38:48 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 20:38:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=oPXrgPDy7Yu7_LmFr6ekgfensNC7o72B8v10iLD7
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame A10F 43 B
408 B 108ms
33ms Image
image/gif 72.251.241.206
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 20:38:48 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-4
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame A10F 43 B
341 B 133ms
131ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YLP32J7peXgTXanbUtUQwgAABH4AAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 20:38:48 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2cKODcAoI4fuFeeHyVNJksQeWVwIfmn1%2BhPnI9XJC7wvdnHxKMd3mW9IUiVnj6wKA8c%2FEbMkTj6Ji5K9No4zATZa6sPVrd3Oh4r9n0eP7F7UjQunoBqQABN%2BpKIS85egR6uKcuLy4OD4v7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 657ac4a99cbd2b22-FRA
content-length: 43
cf-request-id: 0a60993dfb00002b2251a97000000001

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			subdl.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: cdf569482eaeb0c73b3f420d637a3d9b

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan version 2.1.4
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan run tag spots
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan init spot [object Object]
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan init spot [object Object]
console-api	error	URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://tag.vlitag.com/v1/1622364808/a38e0e0ce56e7c0101eaca269533bc36.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://tag.vlitag.com/v1/1622364808/a38e0e0ce56e7c0101eaca269533bc36.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://script.clickadilla.com/banner-admanager/build.js(Line 9) Message: Banner for AdManager. Version: 0.0459508890292315
console-api	warning	URL: https://script.clickadilla.com/banner-admanager/build.js(Line 9) Message: No banner mount target found: [data-clickadilla-banner="1066"]
console-api	warning	URL: https://script.clickadilla.com/banner-admanager/build.js(Line 9) Message: No banner mount target found: [data-clickadilla-banner="1065"]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.betweendigital.com
ads.pubmatic.com
ads.us.e-planning.net
ajax.cloudflare.com
ap.lijit.com
assets.vlitag.com
bidder.criteo.com
casale-match.dotomi.com
cdn.betgorebysson.club
cdn.jsdelivr.net
cm.adgrx.com
cm.g.doubleclick.net
cst.cstwpush.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eondunpea.com
fonts.googleapis.com
fonts.gstatic.com
forzubatr.com
googleads.g.doubleclick.net
gum.criteo.com
i.picsum.photos
ib.adnxs-simple.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
in-page-push.com
in.pdvacde.com
js.wpushsdk.com
logs.vlitag.com
match.adsrvr.org
media.vlitag.com
ms.quantumdex.io
my.rtmark.net
na.nawpush.com
nep.advangelists.com
onetag-sys.com
pagead2.googlesyndication.com
picsum.photos
pixel.advertising.com
pixel.quantserve.com
prebid-eu.creativecdn.com
prebid.a-mo.net
r1---sn-4g5ednly.googlevideo.com
redirector.googlevideo.com
s.amazon-adsystem.com
script.clickadilla.com
securepubads.g.doubleclick.net
services.vlitag.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.cdnativepush.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
subdl.com
sync.go.sonobi.com
sync.quantumdex.io
tag.vlitag.com
u-ams02.e-planning.net
unsplash.it
ups.analytics.yahoo.com
useast.quantumdex.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.108.144.214
104.108.145.8
13.248.242.197
136.144.59.88
139.45.195.8
139.45.197.15
139.45.197.188
139.45.197.238
142.250.185.162
142.250.186.130
176.31.68.242
178.162.133.149
178.250.0.165
18.156.0.31
18.197.99.6
185.184.8.65
185.33.221.14
185.64.189.110
185.64.190.78
205.185.216.10
208.100.17.173
213.174.135.24
216.52.2.48
2606:4700:20::681a:34e
2606:4700:20::681a:51e
2606:4700:20::681a:fee
2606:4700:20::ac43:4597
2606:4700:3031::ac43:dd65
2606:4700:3033::6815:2903
2606:4700::6810:5f41
2606:4700::6810:a823
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:67::6
2a00:1450:4001:801::200e
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c0a::9d
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:13::1370
2a04:4e42:1b::621
34.199.94.111
37.252.172.45
46.249.52.248
5.178.65.246
51.38.120.206
54.239.17.112
72.251.241.206
88.208.30.231
88.212.252.2
068691e9b48173f74bf194cf9aa42b9afc1ca76c22b995d697930dee2d24bc7a
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
0ff985bfac8da605b2f46ea3a7c6d2a50f725439fd2684b54c622e35f19d2438
14c6705c25a94eb0f4a37c08f800440f37e0dbb773bf6e21d9b76bf52649e3ac
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1b75db0e5722775eab0dd769853b3db1f5da999aaabbb8b30bb9fb69e2bfd2cf
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
2040acc744f6c4a76f64539b0097f52733d4478267b8a53a4592b6de145d6a9b
221f05ec2aa8bca98331a04f48bc748e9b9443fb45508b70990cab33b8f0bf23
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
240f2fa6d9c547702519223d888610d5517255aa52ad0c04d86f0ec6d0ab76d6
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
29f293142b202afb2cc5a3ffaf273b8579d619481adbff6e08f4ca7830599650
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
305e27dfadd64ccb372b15c4e2405e85929240ee5a616a979631d1a0b11accf3
3147f8a14b0c4402290dc9371bfff77f6de623094fb85de0f6e61ad9f610d90c
361472c6e961367391bd6afce98b88e0ad898754714697c8c2f8cdfb2030f106
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
49dc778964fc56eb336f016c06bb3495f04e3361df58f983dd18c4c953fdd193
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb63fdc7730a350373555327d3cc2ce80e133a98f80ab3e96a0c489c267aaf5
4f7b6c826559e7a9fdd87aa3dab65d9032e27f9677e2c894bf8add376af093e6
58694600a9bb19ab424e8752ab649f1365563963d2541becd627f15045a107aa
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
664e375a7c6ca8d749dd3aa12d9ad7dd1cc6429b3ff4e28f4e0e6730d21faa8b
66df1c0b4e9ce39a2feaa011c519a0b255b1f9581bdf951b58ef84e26fcfb73f
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
6b319959359eed631e2da73311f8d977a108860f3aa5b6788cd82e7889b13be3
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
79128d82f7e974b8b7a7837efe69cf291fb863ee14c352bce1564d22a249ea7d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87c3dc773b6a3cd4db0a619c65ce20a8048528dd76de853f48a540c413f80c07
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9215fc34631289f9f16383c00a9f3db148b90668b008f3bfd1781e4bff26cb7f
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ada04fb27b7c30ac9db7aa926cc05e9d2abbf28b0851372dcb3ee126993841ae
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b734a59cb8f00325947013015c6b87191d75653bdd442b2a8164752eb2e5f642
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
be3b48dbe04f652fba8973decb94e84bf9e06fd3b0d0beddfe8859d11ccd7576
c1ad46afb5222d60cb852eff703d03cc19fdf3f8b72f822b28dce42c369b454e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c82db013fed13514116da0fca58e0a4ee83721d82a892d7ddab12cf2461aa2b0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112
dc7d71e7d5d945325845bb111de15e91913c771d8ec2903a6d88031151c21c77
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ce2fa8bb72095774c5bae58dbaadce9997155424f273e7fe8defb902883e59
ea71037c0c2250b0ee169877edc7446a5e2449a20cd7140474a747fabd1bb1b3
ea836eb35570831dcf025e8395371d165576a46808b5c1d3f0b1ed347820a631
eb70b93032fd0245c69ed84d9ed40b186b48b9d3cf4949e44332d7ff7837e697
ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb45127d9af4090730e9c5a05d0ac3753d821e722d9e99b5faa406f198cba4a
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

subdl.com Open in urlscan Pro 2606:4700:3031::ac43:dd65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

100 %HTTPS

45 %IPv6

51 Domains

70 Subdomains

47 IPs

7 Countries

1362 kBTransfer

3650 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

subdl.com Open in urlscan Pro
2606:4700:3031::ac43:dd65 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

100 %
HTTPS

45 %
IPv6

51
Domains

70
Subdomains

47
IPs

7
Countries

1362 kB
Transfer

3650 kB
Size

1
Cookies

103 HTTP transactions
0 data transactions