430772605.pub.ezanga.com Open in urlscan Pro
75.126.40.124 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2F...
Submission: On April 29 via manual (April 29th 2019, 3:24:19 pm UTC) from US

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 7 countries across 24 domains to perform 32 HTTP transactions. The main IP is 75.126.40.124, located in Dallas, United States and belongs to SOFTLAYER - SoftLayer Technologies Inc., US. The main domain is 430772605.pub.ezanga.com.

This is the only time 430772605.pub.ezanga.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	75.126.40.124 75.126.40.124	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	34.218.3.225 34.218.3.225	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	184.31.90.128 184.31.90.128	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	34.251.85.190 34.251.85.190	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2606:4700::68... 2606:4700::6811:704f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 3	80.231.241.58 80.231.241.58	6453 (AS6453) (AS6453 - TATA COMMUNICATIONS (AMERICA) INC)
2	2606:4700::68... 2606:4700::6811:ce4a	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
15 21	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	34.224.247.57 34.224.247.57	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	104.111.241.32 104.111.241.32	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE - Google LLC)
5 5	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	136.144.49.28 136.144.49.28	54825 (PACKET) (PACKET - Packet Host)
1	195.181.174.2 195.181.174.2	60068 (CDN77) (CDN77)
1	34.231.62.224 34.231.62.224	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	34.242.41.222 34.242.41.222	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET - Internap Corporation)
1	52.0.206.42 52.0.206.42	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	54.72.169.137 54.72.169.137	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	52.57.68.107 52.57.68.107	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	185.33.223.210 185.33.223.210	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	151.101.0.166 151.101.0.166	54113 (FASTLY) (FASTLY - Fastly)
1	213.19.162.80 213.19.162.80	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
32	23

1 75.126.40.124 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 7c.28.7e4b.ip4.static.sl-reverse.com

430772605.pub.ezanga.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.218.3.225 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-218-3-225.us-west-2.compute.amazonaws.com

exchange.bdex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.179 (United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.90.128 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-90-128.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.85.190 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-251-85-190.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:704f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 80.231.241.58 (Paris, France) 1 redirects

ASN6453 (AS6453 - TATA COMMUNICATIONS (AMERICA) INC, US)

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:ce4a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 159.253.128.183 (Amsterdam, Netherlands) 15 redirects

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.224.247.57 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-224-247-57.compute-1.amazonaws.com

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.241.32 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-241-32.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.130 (Mountain View, United States) 5 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.144.49.28 (Netherlands) 2 redirects

ASN54825 (PACKET - Packet Host, Inc., US)

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.174.2 (United Kingdom)

ASN60068 (CDN77, GB)
PTR: frankfurt-1.cdn77.com

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.62.224 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-231-62-224.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.242.41.222 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-242-41-222.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.206.42 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-0-206-42.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.169.137 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-169-137.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.68.107 (Frankfurt, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-68-107.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.34 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, NL)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.210 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.166 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.80 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	simpli.fi 15 redirects i.simpli.fi um.simpli.fi	12 KB
6	doubleclick.net 6 redirects cm.g.doubleclick.net googleads.g.doubleclick.net	2 KB
4	crwdcntrl.net 2 redirects bcp.crwdcntrl.net	3 KB
3	exelator.com 2 redirects loadm.exelator.com load77.exelator.com	2 KB
3	pro-market.net 2 redirects fei.pro-market.net pbid.pro-market.net	1 KB
3	scorecardresearch.com 1 redirects b.scorecardresearch.com	2 KB
3	anura.io script.anura.io ads.anura.io	10 KB
2	openx.net 1 redirects us-u.openx.net	599 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	agkn.com 2 redirects aa.agkn.com d.agkn.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	1 KB
2	bluekai.com tags.bluekai.com stags.bluekai.com	329 B
1	rubiconproject.com pixel.rubiconproject.com	371 B
1	contextweb.com bh.contextweb.com	588 B
1	adnxs.com ib.adnxs.com	836 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	271 B
1	googleadservices.com 1 redirects www.googleadservices.com	311 B
1	rlcdn.com idsync.rlcdn.com	34 B
1	bfmio.com sync.bfmio.com	444 B
1	intentiq.com sync.intentiq.com	502 B
1	bkrtx.com tags.bkrtx.com	10 KB
1	bdex.com exchange.bdex.com
1	ezanga.com 430772605.pub.ezanga.com	2 KB
32	24

	Domain	Requested by
21	um.simpli.fi	15 redirects 430772605.pub.ezanga.com
5	cm.g.doubleclick.net	5 redirects
4	bcp.crwdcntrl.net	2 redirects 430772605.pub.ezanga.com
3	b.scorecardresearch.com	1 redirects 430772605.pub.ezanga.com
2	us-u.openx.net	1 redirects 430772605.pub.ezanga.com
2	sync.search.spotxchange.com	1 redirects 430772605.pub.ezanga.com
2	ce.lijit.com	1 redirects 430772605.pub.ezanga.com
2	loadm.exelator.com	2 redirects
2	fei.pro-market.net	2 redirects
2	script.anura.io	430772605.pub.ezanga.com script.anura.io
2	i.simpli.fi	430772605.pub.ezanga.com i.simpli.fi
1	pixel.rubiconproject.com	430772605.pub.ezanga.com
1	bh.contextweb.com	430772605.pub.ezanga.com
1	ib.adnxs.com	430772605.pub.ezanga.com
1	www.google.de	430772605.pub.ezanga.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	idsync.rlcdn.com	430772605.pub.ezanga.com
1	stags.bluekai.com	430772605.pub.ezanga.com
1	sync.bfmio.com	430772605.pub.ezanga.com
1	load77.exelator.com	430772605.pub.ezanga.com
1	pbid.pro-market.net	430772605.pub.ezanga.com
1	tags.bluekai.com	tags.bkrtx.com
1	sync.intentiq.com	430772605.pub.ezanga.com
1	ads.anura.io	script.anura.io
1	tags.bkrtx.com	430772605.pub.ezanga.com
1	exchange.bdex.com	430772605.pub.ezanga.com
1	430772605.pub.ezanga.com
32	31

This site contains no links.

Subject Issuer	Validity	Valid
*.bdex.com Go Daddy Secure Certificate Authority - G2	`2018-03-17` - `2019-05-16`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2017-05-11` - `2020-05-10`	3 years	crt.sh
*.intentiq.com Amazon	`2019-04-25` - `2020-05-25`	a year	crt.sh
*.pro-market.net Gandi Standard SSL CA 2	`2018-08-20` - `2020-08-20`	2 years	crt.sh
1605158521.rsc.cdn77.org Let's Encrypt Authority X3	`2019-04-22` - `2019-07-21`	3 months	crt.sh
*.bfmio.com Go Daddy Secure Certificate Authority - G2	`2016-09-05` - `2019-09-05`	3 years	crt.sh
odc-prod-01.oracle.com DigiCert ECC Secure Server CA	`2018-12-10` - `2020-03-10`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2016-06-28` - `2019-06-28`	3 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2019-03-11` - `2020-05-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
www.google.de Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
sync.search.spotxchange.com GeoTrust RSA CA 2018	`2018-02-20` - `2019-05-25`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2019-02-08` - `2020-05-12`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Frame ID: 54E4C4083A9DD1011A6DB8FBB619CB4E
Requests: 31 HTTP requests in this frame

Frame: http://tags.bluekai.com/site/20675?ret=html&phint=category%3Dfinance&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2F430772605.pub.ezanga.com%2Ftags.php%3Fkw%3Doffice%2Bbusiness%26cat%3Dfinance%26ip%3D38.104.203.106%26s%3D2430772605%26c%3D19832%26ref%3Dhttp%253A%252F%252Fcherrycreekschools.org&r=46789794
Frame ID: 0E6833F72D8EC29196C1B378E1CD2116
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
env /^_?COMSCORE$/i

Page Statistics

32
Requests

69 %
HTTPS

20 %
IPv6

24
Domains

31
Subdomains

23
IPs

7
Countries

37 kB
Transfer

59 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://bcp.crwdcntrl.net/5/c=7079/int=financeh/int=office+business/int=ezanga.com HTTP 302
http://bcp.crwdcntrl.net/5/ct=y/c=7079/int=financeh/int=office+business/int=ezanga.com

Request Chain 6

http://b.scorecardresearch.com/b?c1=8&c2=8287123&c3=3458788064&ns__t=1556551439719&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2F430772605.pub.ezanga.com%2Ftags.php%3Fkw%3Doffice%2Bbusiness%26cat%3Dfinance%26ip%3D38.104.203.106%26s%3D2430772605%26c%3D19832%26ref%3Dhttp%253A%252F%252Fcherrycreekschools.org&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=8&c2=8287123&c3=3458788064&ns__t=1556551439719&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2F430772605.pub.ezanga.com%2Ftags.php%3Fkw%3Doffice%2Bbusiness%26cat%3Dfinance%26ip%3D38.104.203.106%26s%3D2430772605%26c%3D19832%26ref%3Dhttp%253A%252F%252Fcherrycreekschools.org&c9=

Request Chain 11

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B38932A90F17C75CD37978A80200D616

Request Chain 15

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=B780FD9F1017C75CCFB9ABC202E17483;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=B780FD9F1017C75CCFB9ABC202E17483;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics&google_cm=&google_sc=&google_tc= HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEFI5fqTMgMVlDDVkGakKSsc&google_cver=1

Request Chain 16

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=B780FD9F1017C75CCFB9ABC202E17483&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=B780FD9F1017C75CCFB9ABC202E17483&j=0&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 18

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=B780FD9F1017C75CCFB9ABC202E17483

Request Chain 19

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=B780FD9F1017C75CCFB9ABC202E17483

Request Chain 20

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B780FD9F1117C75CCFB9ABC202FE7483 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=B780FD9F1117C75CCFB9ABC202FE7483

Request Chain 21

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B780FD9F1117C75CCFB9ABC202FE7483 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B780FD9F1117C75CCFB9ABC202FE7483&dnr=1

Request Chain 22

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=B780FD9F1117C75CCFB9ABC202FE7483

Request Chain 23

https://aa.agkn.com/adscores/g.pixel?sid=9201915418 HTTP 302
https://d.agkn.com/pixel/5502/?sk=164451303040000582327&pd=&l0=https://um.simpli.fi/aa_px?sk=164451303040000582327 HTTP 302
https://um.simpli.fi/aa_px?sk=164451303040000582327

Request Chain 24

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1556551440324&cv=7&fst=1556551440324&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=485081106&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=EhfHXP2vAcHr3wP40JTYBA&sscte=1&crd=&gtd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=485081106&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&cdct=2&is_vtc=1&ocp_id=EhfHXP2vAcHr3wP40JTYBA&random=3039046558 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=485081106&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&cdct=2&is_vtc=1&ocp_id=EhfHXP2vAcHr3wP40JTYBA&random=3039046558&ipr=y

Request Chain 25

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B780FD9F1117C75CCFB9ABC202FE7483 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B780FD9F1117C75CCFB9ABC202FE7483&__user_check__=1&sync_id=d15e53cc-6a92-11e9-9ccd-1a27ea400b06

Request Chain 26

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=B780FD9F1117C75CCFB9ABC202FE7483

Request Chain 27

https://um.simpli.fi/cw_match HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=B780FD9F1117C75CCFB9ABC202FE7483

Request Chain 28

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B780FD9F1217C75CCFB9ABC202097583&expires=365

Request Chain 29

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=B780FD9F1217C75CCFB9ABC2020A7583 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B780FD9F1217C75CCFB9ABC2020A7583

Request Chain 30

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEASJkNG76IvarodetlzemEI&google_cver=1 HTTP 302
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsimplifi%26google_hm%3D%24UID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B780FD9F1217C75CCFB9ABC2020A7583 HTTP 302
https://um.simpli.fi/g_match?id=

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request tags.php Show response
430772605.pub.ezanga.com/ 2 KB
2 KB 278ms
128ms Document
text/html 75.126.40.124
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org

Protocol

HTTP/1.1

Server

75.126.40.124 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

7c.28.7e4b.ip4.static.sl-reverse.com

Software

Apache /

Resource Hash

a134539bd908164f997676d1e95013fc3907296401e8e947b64fd37e2bf22887

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' data: .anura.io .scorecardresearch.com .bdex.com .simpli.fi .bkrtx.com .chango.com; style-src 'self' 'unsafe-inline'; img-src 'self' ; object-src 'self'; media-src 'self'; frame-src 'self' .bluekai.com; font-src 'self'; connect-src 'self' *.anura.io; report-uri /rvcsp.php?rvid=
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: 430772605.pub.ezanga.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 15:23:59 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: Mon, 16 Feb 1987 05:00:00 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' data: *.anura.io *.scorecardresearch.com *.bdex.com *.simpli.fi *.bkrtx.com *.chango.com; style-src 'self' 'unsafe-inline'; img-src 'self' *; object-src 'self'; media-src 'self'; frame-src 'self' *.bluekai.com; font-src 'self'; connect-src 'self' *.anura.io; report-uri /rvcsp.php?rvid=
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1192
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK bdexSeller.jsp
exchange.bdex.com/bdex/ 0
0 4377ms
187ms Image
text/xml 34.218.3.225
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.bdex.com/bdex/bdexSeller.jsp?bdexPartnerAccountId=43&sellerCampaignId=271&industryId=308&customerUserId=&datasetClass=Interest&stockInvesting=&financialNews=&financialResearch=&financialMarketSymbol=&tickerSymbol=&ira401k=&creditRepair=&creditCard=&insurance=&refinance=&refinanceMortgage=&stockFundResearch=&loan=&loanType=&audienceClass=
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.218.3.225 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-218-3-225.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 200
OK dpx.js Show response
i.simpli.fi/ 2 KB
3 KB 81ms
28ms Script
application/javascript 169.50.137.179
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

http://i.simpli.fi/dpx.js?cid=6908&m=1&quid=office+business&referrer=http%3A%2F%2Fcherrycreekschools.org

Requested by

Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org

Protocol

HTTP/1.1

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

0843900120977b5d77b87ae738a718eba1f4b3b51cbc096c492435825668d8e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Mon, 29 Apr 2019 15:23:59 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1998
x-request-id: 2mcvmicmes8srstus4mghe71
Expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 31 KB
10 KB 1051ms
13ms Script
text/javascript 184.31.90.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.bkrtx.com/js/bk-coretag.js
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: HTTP/1.1
Server: 184.31.90.128 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-90-128.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2c7b95e516f24a2da447755f07b107bd8566745dc36322a1419ef92662019cf6

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 15:24:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jul 2018 20:07:28 GMT
Server: Apache
ETag: "3160052-7a94-571b031e6f476"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10358
Expires: Mon, 06 May 2019 15:24:00 GMT

GET
H/1.1

200
OK

int=ezanga.com
bcp.crwdcntrl.net/5/ct=y/c=7079/int=financeh/int=office+business/
Redirect Chain

http://bcp.crwdcntrl.net/5/c=7079/int=financeh/int=office+business/int=ezanga.com
http://bcp.crwdcntrl.net/5/ct=y/c=7079/int=financeh/int=office+business/int=ezanga.com

49 B
1 KB

64ms
63ms

Image
image/gif

34.251.85.190
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bcp.crwdcntrl.net/5/ct=y/c=7079/int=financeh/int=office+business/int=ezanga.com
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: HTTP/1.1
Server: 34.251.85.190 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-251-85-190.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Apr 2019 15:24:00 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: 10.26.16.86
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Apr 2019 15:24:00 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: http://bcp.crwdcntrl.net/5/ct=y/c=7079/int=financeh/int=office+business/int=ezanga.com
Cache-Control: no-cache
X-Server: 10.26.20.106
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK request.js Show response
script.anura.io/ 21 KB
9 KB 185ms
156ms Script
application/javascript 2606:4700::6811:704f
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://script.anura.io/request.js?instance=151323033&source=2430772605&campaign=19832&498705061734

Requested by

Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org

Protocol

HTTP/1.1

Server

2606:4700::6811:704f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d02fa1414c434118d69980e23b5adaf16d992348ed6afcb4f6dd79526921be7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Apr 2019 15:23:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
CF-RAY: 4cf247c20ce197b6-FRA
Expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 61ms
23ms Script
application/x-javascript 80.231.241.58
TATA COMMUNICATIO...

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: HTTP/1.1
Server: 80.231.241.58 Paris, France, ASN6453 (AS6453 - TATA COMMUNICATIONS (AMERICA) INC, US),
Reverse DNS
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 15:23:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Tue, 30 Apr 2019 15:23:59 GMT

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=8&c2=8287123&c3=3458788064&ns__t=1556551439719&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2F430772605.pub.ezanga.com%2Ftags.php%3Fkw%3Doffice%2Bbusiness%26cat%3Dfinance...
http://b.scorecardresearch.com/b2?c1=8&c2=8287123&c3=3458788064&ns__t=1556551439719&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2F430772605.pub.ezanga.com%2Ftags.php%3Fkw%3Doffice%2Bbusiness%26cat%3Dfinanc...

0
248 B

25ms
24ms

Image
text/plain

80.231.241.58
TATA COMMUNICATIO...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=8&c2=8287123&c3=3458788064&ns__t=1556551439719&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2F430772605.pub.ezanga.com%2Ftags.php%3Fkw%3Doffice%2Bbusiness%26cat%3Dfinance%26ip%3D38.104.203.106%26s%3D2430772605%26c%3D19832%26ref%3Dhttp%253A%252F%252Fcherrycreekschools.org&c9=
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: HTTP/1.1
Server: 80.231.241.58 Paris, France, ASN6453 (AS6453 - TATA COMMUNICATIONS (AMERICA) INC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Apr 2019 15:23:59 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=8&c2=8287123&c3=3458788064&ns__t=1556551439719&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2F430772605.pub.ezanga.com%2Ftags.php%3Fkw%3Doffice%2Bbusiness%26cat%3Dfinance%26ip%3D38.104.203.106%26s%3D2430772605%26c%3D19832%26ref%3Dhttp%253A%252F%252Fcherrycreekschools.org&c9=
Pragma: no-cache
Date: Mon, 29 Apr 2019 15:23:59 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ 751 B
1 KB 611ms
27ms Script
application/javascript 169.50.137.179
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_11519967243749._hp

Requested by

Host: i.simpli.fi
URL: http://i.simpli.fi/dpx.js?cid=6908&m=1&quid=office+business&referrer=http%3A%2F%2Fcherrycreekschools.org

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

b356d52c4abab2b747c840249a2dec7a0992cb257ea1b4a2ad11218e6f6a60ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 29 Apr 2019 15:24:00 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
status: 200
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: application/javascript; charset=UTF-8
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK showads.js Show response
ads.anura.io/ 0
518 B 188ms
148ms XHR
application/javascript 2606:4700::6811:ce4a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.anura.io/showads.js?454579069097
Requested by: Host: script.anura.io
URL: http://script.anura.io/request.js?instance=151323033&source=2430772605&campaign=19832&498705061734
Protocol: HTTP/1.1
Server: 2606:4700::6811:ce4a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Origin: http://430772605.pub.ezanga.com

Response headers

Date: Mon, 29 Apr 2019 15:24:00 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4cf247c37a4a64db-FRA

POST
H/1.1 200
OK response.json Show response
script.anura.io/ 44 B
737 B 331ms
320ms XHR
application/json 2606:4700::6811:ce4a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: http://script.anura.io/request.js?instance=151323033&source=2430772605&campaign=19832&498705061734

Protocol

HTTP/1.1

Server

2606:4700::6811:ce4a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

927bc74761a4bef138fc6000309b787567f3d4fc4488a39c542b7482d6449bae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Origin: http://430772605.pub.ezanga.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 29 Apr 2019 15:24:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
CF-RAY: 4cf247c4cce2c2a1-FRA
Expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 nexage
um.simpli.fi/ 43 B
361 B 109ms
25ms Image
image/gif 159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Requested by

Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Apr 2019 15:24:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
status: 200
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

GET
H/1.1

200
OK

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B38932A90F17C75CD37978A80200D616

43 B
502 B

455ms
110ms

Image
image/gif

34.224.247.57
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B38932A90F17C75CD37978A80200D616
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.247.57 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-247-57.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Apr 2019 15:23:59 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 29 Apr 2019 15:24:00 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: *
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B38932A90F17C75CD37978A80200D616
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154

GET
H/1.1 200
OK 20675
tags.bluekai.com/site/ Frame 0E68 0
0 402ms
266ms Document
text/html 104.111.241.32
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.bluekai.com/site/20675?ret=html&phint=category%3Dfinance&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2F430772605.pub.ezanga.com%2Ftags.php%3Fkw%3Doffice%2Bbusiness%26cat%3Dfinance%26ip%3D38.104.203.106%26s%3D2430772605%26c%3D19832%26ref%3Dhttp%253A%252F%252Fcherrycreekschools.org&r=46789794
Requested by: Host: tags.bkrtx.com
URL: http://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Server: 104.111.241.32 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-241-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: tags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 71b1
Date: Mon, 29 Apr 2019 15:24:01 GMT
Connection: keep-alive
X-N: S

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
361 B 25ms
24ms Image
image/gif 159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Apr 2019 15:24:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
status: 200
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

GET
H2 200 freewheel
um.simpli.fi/ 43 B
440 B 26ms
25ms Image
image/gif 159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Apr 2019 15:24:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
status: 200
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=B780FD9F1017C75CCFB9ABC202E17483;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=B780FD9F1017C75CCFB9ABC202E17483;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=datonics&google_cm=&google_sc=&google_tc=
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEFI5fqTMgMVlDDVkGakKSsc&google_cver=1

43 B
415 B

32ms
15ms

Image
image/gif

2600:1901:0:8eee::
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEFI5fqTMgMVlDDVkGakKSsc&google_cver=1
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1901:0:8eee:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Apr 2019 15:24:00 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Apr 2019 15:24:01 GMT
server: HTTP server (unknown)
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEFI5fqTMgMVlDDVkGakKSsc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel.gif
load77.exelator.com/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=B780FD9F1017C75CCFB9ABC202E17483&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=B780FD9F1017C75CCFB9ABC202E17483&j=0&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
272 B

15ms
14ms

Image
image/gif

195.181.174.2
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.174.2 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS: frankfurt-1.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Apr 2019 15:24:01 GMT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
access-control-allow-origin: *
x-edge-location: frankfurtDE
etag: "59f0c3fc-2b"
x-cache: HIT
content-type: image/gif
status: 200
x-edge-ip: 195.181.174.1
x-age: 341922
accept-ranges: bytes
content-length: 43

Redirect headers

date: Mon, 29 Apr 2019 15:24:01 GMT
server: nginx/1.14.0
x-powered-by: Undertow/1
location: https://load77.exelator.com/pixel.gif
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status: 302
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
361 B 25ms
21ms Image
image/gif 159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Apr 2019 15:24:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
status: 200
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

GET
H/1.1

200
OK

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=B780FD9F1017C75CCFB9ABC202E17483

37 B
444 B

496ms
113ms

Image
image/gif

34.231.62.224
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=B780FD9F1017C75CCFB9ABC202E17483
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.62.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-231-62-224.compute-1.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

access-control-allow-origin: *
Connection: keep-alive
Content-Length: 37
Content-Type: image/gif

Redirect headers

date: Mon, 29 Apr 2019 15:24:01 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: *
location: https://sync.bfmio.com/sync?pid=141&uid=B780FD9F1017C75CCFB9ABC202E17483
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=B780FD9F1017C75CCFB9ABC202E17483

62 B
329 B

800ms
523ms

Image
image/gif

104.111.241.32
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=B780FD9F1017C75CCFB9ABC202E17483
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.241.32 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-241-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 15:24:02 GMT
X-N: S
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 366b
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

date: Mon, 29 Apr 2019 15:24:01 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: *
location: https://stags.bluekai.com/site/29931?id=B780FD9F1017C75CCFB9ABC202E17483
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154

GET
H/1.1

200
OK

tpid=B780FD9F1117C75CCFB9ABC202FE7483
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B780FD9F1117C75CCFB9ABC202FE7483
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=B780FD9F1117C75CCFB9ABC202FE7483

49 B
1 KB

106ms
105ms

Image
image/gif

34.242.41.222
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=B780FD9F1117C75CCFB9ABC202FE7483
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.41.222 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-242-41-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Apr 2019 15:24:02 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: 10.26.20.168
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Apr 2019 15:24:01 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=B780FD9F1117C75CCFB9ABC202FE7483
Cache-Control: no-cache
X-Server: 10.26.5.251
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=B780FD9F1117C75CCFB9ABC202FE7483
https://ce.lijit.com/merge?pid=2&3pid=B780FD9F1117C75CCFB9ABC202FE7483&dnr=1

43 B
580 B

20ms
19ms

Image
image/gif

216.52.2.19
Internap Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B780FD9F1117C75CCFB9ABC202FE7483&dnr=1
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Apr 2019 15:24:02 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ap4ams1
Content-Type: image/gif
Content-Length: 43
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Apr 2019 15:24:02 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=B780FD9F1117C75CCFB9ABC202FE7483&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ap4ams1
Content-Length: 0
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

204

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=B780FD9F1117C75CCFB9ABC202FE7483

0
34 B

340ms
107ms

Image
text/plain

52.0.206.42
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=B780FD9F1117C75CCFB9ABC202FE7483
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.206.42 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-0-206-42.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Mon, 29 Apr 2019 15:24:02 GMT

Redirect headers

date: Mon, 29 Apr 2019 15:24:01 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: *
location: https://idsync.rlcdn.com/419566.gif?partner_uid=B780FD9F1117C75CCFB9ABC202FE7483
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9201915418
https://d.agkn.com/pixel/5502/?sk=164451303040000582327&pd=&l0=https://um.simpli.fi/aa_px?sk=164451303040000582327
https://um.simpli.fi/aa_px?sk=164451303040000582327

43 B
228 B

42ms
27ms

Image
image/gif

159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://um.simpli.fi/aa_px?sk=164451303040000582327
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: b7.80.fd9f.ip4.static.sl-reverse.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Apr 2019 15:24:02 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Apr 2019 15:24:02 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164451303040000582327
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1556551440324&cv=7&fst=1556551440324&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=485081106&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=fa...
https://www.google.com/pagead/1p-conversion/1026675585/?random=485081106&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=...
https://www.google.de/pagead/1p-conversion/1026675585/?random=485081106&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&...

42 B
109 B

24ms
24ms

Image
image/gif

2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=485081106&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&cdct=2&is_vtc=1&ocp_id=EhfHXP2vAcHr3wP40JTYBA&random=3039046558&ipr=y

Requested by

Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Apr 2019 15:24:02 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Apr 2019 15:24:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=485081106&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&cdct=2&is_vtc=1&ocp_id=EhfHXP2vAcHr3wP40JTYBA&random=3039046558&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B780FD9F1117C75CCFB9ABC202FE7483
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B780FD9F1117C75CCFB9ABC202FE7483&__user_check__=1&sync_id=d15e53cc-6a92-11e9-9ccd-1a27ea400b06

43 B
526 B

27ms
22ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B780FD9F1117C75CCFB9ABC202FE7483&__user_check__=1&sync_id=d15e53cc-6a92-11e9-9ccd-1a27ea400b06
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 15:24:02 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 136
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 29 Apr 2019 15:24:02 GMT
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: /partner?adv_id=7797&uid=B780FD9F1117C75CCFB9ABC202FE7483&__user_check__=1&sync_id=d15e53cc-6a92-11e9-9ccd-1a27ea400b06
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 26
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=B780FD9F1117C75CCFB9ABC202FE7483

43 B
836 B

94ms
19ms

Image
image/gif

185.33.223.210
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=B780FD9F1117C75CCFB9ABC202FE7483

Requested by

Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Apr 2019 15:24:04 GMT
AN-X-Request-Uuid: 3f9936ca-4fd4-4813-bfef-f2b690ea6cb7
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 83.97.23.20; 83.97.23.20; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.245:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Mon, 29 Apr 2019 15:24:02 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: *
location: https://ib.adnxs.com/setuid?entity=66&code=B780FD9F1117C75CCFB9ABC202FE7483
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154

GET
H/1.1

200
OK

rtset
bh.contextweb.com/bh/
Redirect Chain

https://um.simpli.fi/cw_match
https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=B780FD9F1117C75CCFB9ABC202FE7483

49 B
588 B

102ms
33ms

Image
image/gif

151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=B780FD9F1117C75CCFB9ABC202FE7483
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: envoy /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 15:24:02 GMT
Via: 1.1 varnish
Transfer-Encoding: chunked
X-Cache: MISS
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-Served-By: cache-hhn1545-HHN
server: envoy
content-language: en
expires: -1
cache-control: private, max-age=0, no-cache, no-store
Accept-Ranges: bytes
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-f4b6bdcf9-rdgzp
X-Cache-Hits: 0

Redirect headers

date: Mon, 29 Apr 2019 15:24:02 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: *
location: https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=B780FD9F1117C75CCFB9ABC202FE7483
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B780FD9F1217C75CCFB9ABC202097583&expires=365

42 B
371 B

32ms
31ms

Image
image/gif

213.19.162.80
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B780FD9F1217C75CCFB9ABC202097583&expires=365
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.80 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Apr 2019 15:24:01 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: 96t67XNfLngR47qR471MXA
Expires: 0

Redirect headers

date: Mon, 29 Apr 2019 15:24:02 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: *
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B780FD9F1217C75CCFB9ABC202097583&expires=365
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=B780FD9F1217C75CCFB9ABC2020A7583
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B780FD9F1217C75CCFB9ABC2020A7583

43 B
256 B

32ms
29ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B780FD9F1217C75CCFB9ABC2020A7583
Requested by: Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.134.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Apr 2019 15:24:02 GMT
server: OXGW/16.134.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Mon, 29 Apr 2019 15:24:02 GMT
server: OXGW/16.134.0
content-length: 0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B780FD9F1217C75CCFB9ABC2020A7583
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEASJkNG76IvarodetlzemEI&google_cver=1
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsimplifi%26google_hm%3D%24UID
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B780FD9F1217C75CCFB9ABC2020A7583
https://um.simpli.fi/g_match?id=

0
272 B

28ms
25ms

Image
text/plain

159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Host: 430772605.pub.ezanga.com
URL: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://430772605.pub.ezanga.com/tags.php?kw=office+business&cat=finance&ip=38.104.203.106&s=2430772605&c=19832&ref=http%3A%2F%2Fcherrycreekschools.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Mon, 29 Apr 2019 15:24:02 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

pragma: no-cache
date: Mon, 29 Apr 2019 15:24:02 GMT
server: HTTP server (unknown)
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' data: .anura.io .scorecardresearch.com .bdex.com .simpli.fi .bkrtx.com .chango.com; style-src 'self' 'unsafe-inline'; img-src 'self' ; object-src 'self'; media-src 'self'; frame-src 'self' .bluekai.com; font-src 'self'; connect-src 'self' *.anura.io; report-uri /rvcsp.php?rvid=
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

430772605.pub.ezanga.com
aa.agkn.com
ads.anura.io
b.scorecardresearch.com
bcp.crwdcntrl.net
bh.contextweb.com
ce.lijit.com
cm.g.doubleclick.net
d.agkn.com
exchange.bdex.com
fei.pro-market.net
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
load77.exelator.com
loadm.exelator.com
pbid.pro-market.net
pixel.rubiconproject.com
script.anura.io
stags.bluekai.com
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tags.bkrtx.com
tags.bluekai.com
um.simpli.fi
us-u.openx.net
www.google.com
www.google.de
www.googleadservices.com
104.111.241.32
136.144.49.28
151.101.0.166
159.253.128.183
169.50.137.179
172.217.16.130
172.217.22.34
173.241.240.143
184.31.90.128
185.33.223.210
185.94.180.126
195.181.174.2
213.19.162.80
216.52.2.19
2600:1901:0:8eee::
2606:4700::6811:704f
2606:4700::6811:ce4a
2a00:1450:4001:808::2003
2a00:1450:4001:814::2002
2a00:1450:4001:81f::2004
34.218.3.225
34.224.247.57
34.231.62.224
34.242.41.222
34.251.85.190
52.0.206.42
52.57.68.107
54.72.169.137
75.126.40.124
80.231.241.58
0843900120977b5d77b87ae738a718eba1f4b3b51cbc096c492435825668d8e9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
2c7b95e516f24a2da447755f07b107bd8566745dc36322a1419ef92662019cf6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
927bc74761a4bef138fc6000309b787567f3d4fc4488a39c542b7482d6449bae
9d02fa1414c434118d69980e23b5adaf16d992348ed6afcb4f6dd79526921be7
a134539bd908164f997676d1e95013fc3907296401e8e947b64fd37e2bf22887
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b356d52c4abab2b747c840249a2dec7a0992cb257ea1b4a2ad11218e6f6a60ca
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

430772605.pub.ezanga.com Open in urlscan Pro 75.126.40.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

32 Requests

69 %HTTPS

20 %IPv6

24 Domains

31 Subdomains

23 IPs

7 Countries

37 kBTransfer

59 kBSize

0 Cookies

0 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

430772605.pub.ezanga.com Open in urlscan Pro
75.126.40.124 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

69 %
HTTPS

20 %
IPv6

24
Domains

31
Subdomains

23
IPs

7
Countries

37 kB
Transfer

59 kB
Size

0
Cookies

32 HTTP transactions
0 data transactions