urlscan.io logo urlscan.io
SecurityTrails logo

vast.gg Open in urlscan Pro
104.21.56.203  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/XJ0eEiJe3Z
Effective URL: https://vast.gg/
Submission: On January 12 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 94 IPs in 8 countries across 101 domains to perform 554 HTTP transactions. The main IP is 104.21.56.203, located in and belongs to CLOUDFLARENET, US. The main domain is vast.gg.
TLS certificate: Issued by E1 on December 24th 2023. Valid for: 3 months.
This is the only time vast.gg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.197 13414 (TWITTER)
15 104.21.56.203 13335 (CLOUDFLAR...)
1 172.217.13.168 15169 (GOOGLE)
4 172.217.13.138 15169 (GOOGLE)
24 89 172.217.13.98 15169 (GOOGLE)
4 45.79.246.226 63949 (AKAMAI-LI...)
2 192.0.73.2 2635 (AUTOMATTIC)
6 172.217.13.163 15169 (GOOGLE)
6 172.217.13.162 15169 (GOOGLE)
1 172.217.13.110 15169 (GOOGLE)
1 172.253.63.154 15169 (GOOGLE)
1 172.217.13.131 15169 (GOOGLE)
10 150.136.25.38 31898 (ORACLE-BM...)
2 172.64.144.166 13335 (CLOUDFLAR...)
1 52.85.151.34 16509 (AMAZON-02)
14 172.217.13.130 15169 (GOOGLE)
1 18.160.10.101 16509 (AMAZON-02)
1 52.85.151.82 16509 (AMAZON-02)
3 162.19.138.82 16276 (OVH)
5 3.213.53.144 14618 (AMAZON-AES)
1 6 195.244.31.11 63140 (IGUANA-WO...)
5 104.36.115.111 62713 (AS-PUBMATIC)
5 8.43.72.113 26667 (RUBICONPR...)
6 22 104.18.36.155 13335 (CLOUDFLAR...)
7 13 147.28.129.140 54825 (PACKET)
3 69.166.1.32 27630 (AS-XFERNET)
11 19 68.67.179.166 29990 (ASN-APPNEX)
5 34.120.63.153 396982 (GOOGLE-CL...)
5 178.128.132.116 14061 (DIGITALOC...)
2 11 34.206.181.88 14618 (AMAZON-AES)
11 159.89.246.130 14061 (DIGITALOC...)
7 35.186.236.140 15169 (GOOGLE)
1 18.160.18.34 16509 (AMAZON-02)
5 3.162.114.30 16509 (AMAZON-02)
2 13.249.42.27 16509 (AMAZON-02)
2 104.22.52.86 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 18.160.46.56 16509 (AMAZON-02)
1 99.84.222.71 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
11 172.217.13.161 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
3 21 52.46.143.56 16509 (AMAZON-02)
1 34.197.228.249 14618 (AMAZON-AES)
1 3 34.98.64.218 396982 (GOOGLE-CL...)
3 4 18.235.40.85 14618 (AMAZON-AES)
10 13 15.197.193.217 16509 (AMAZON-02)
3 6 35.244.159.8 15169 (GOOGLE)
6 8 35.211.178.172 19527 (GOOGLE-2)
2 5 23.62.10.28 16625 (AKAMAI-AS)
3 3 54.147.5.36 14618 (AMAZON-AES)
3 51.222.239.230 16276 (OVH)
2 2 35.236.220.17 396982 (GOOGLE-CL...)
1 2 34.196.72.246 14618 (AMAZON-AES)
1 6 52.70.20.227 14618 (AMAZON-AES)
10 23.56.163.106 16625 (AKAMAI-AS)
3 6 198.148.27.131 19189 (PULSEPOINT)
13 34.203.113.223 14618 (AMAZON-AES)
1 34.149.50.64 15169 (GOOGLE)
2 2 18.215.86.100 14618 (AMAZON-AES)
2 2 13.32.151.42 16509 (AMAZON-02)
4 4 199.38.167.131 54312 (ROCKETFUEL)
3 5 35.244.154.8 396982 (GOOGLE-CL...)
1 1 192.132.33.69 18568 (BIDTELLECT)
3 34.200.65.202 14618 (AMAZON-AES)
4 4 185.167.164.39 198622 (ADFORM)
5 172.217.13.196 15169 (GOOGLE)
1 1 67.202.105.21 32748 (STEADFAST)
12 12 8.28.7.82 62713 (AS-PUBMATIC)
5 5 8.28.7.83 62713 (AS-PUBMATIC)
7 10 69.166.1.35 27630 (AS-XFERNET)
1 1 35.214.221.128 15169 (GOOGLE)
8 23.56.162.28 16625 (AKAMAI-AS)
1 1 63.251.28.134 13789 (INTERNAP-...)
3 3 23.32.172.185 16625 (AKAMAI-AS)
1 44.216.133.79 14618 (AMAZON-AES)
68 172.217.13.198 15169 (GOOGLE)
5 75.101.132.149 14618 (AMAZON-AES)
2 4 23.56.163.154 16625 (AKAMAI-AS)
2 162.19.138.119 16276 (OVH)
1 192.184.68.254 14618 (AMAZON-AES)
2 2 35.208.249.213 19527 (GOOGLE-2)
2 2 38.68.201.140 174 (COGENT-174)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 35.227.252.103 15169 (GOOGLE)
1 1 20.237.30.240 8075 (MICROSOFT...)
5 5 64.202.112.255 22075 (AS-OUTBRAIN)
2 2 5.161.188.99 213230 (HETZNER-C...)
2 2 23.44.201.182 20940 (AKAMAI-ASN1)
8 10 162.19.138.116 16276 (OVH)
4 13.32.151.21 16509 (AMAZON-02)
3 99.84.208.59 16509 (AMAZON-02)
1 1 172.105.199.172 ()
1 202.233.84.1 131957 (MICROAD M...)
2 2 50.17.123.198 14618 (AMAZON-AES)
1 1 3.217.134.136 14618 (AMAZON-AES)
1 1 104.36.115.113 62713 (AS-PUBMATIC)
3 3 50.57.31.206 19994 (RACKSPACE)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
1 35.190.39.111 15169 (GOOGLE)
1 99.84.191.112 16509 (AMAZON-02)
8 172.217.13.102 15169 (GOOGLE)
3 172.64.99.35 13335 (CLOUDFLAR...)
1 18.165.98.63 16509 (AMAZON-02)
4 68.183.118.170 14061 (DIGITALOC...)
15 54.87.127.173 ()
2 2 54.146.35.99 14618 (AMAZON-AES)
5 5 185.184.8.90 204995 (RTB-HOUSE...)
1 74.119.119.139 19750 (AS-CRITEO)
4 4 8.18.45.105 25751 (VALUECLICK)
2 2 54.227.205.3 14618 (AMAZON-AES)
1 1 74.119.119.150 19750 (AS-CRITEO)
2 2 35.207.24.140 15169 (GOOGLE)
1 34.242.96.184 16509 (AMAZON-02)
2 52.85.132.55 16509 (AMAZON-02)
1 172.240.155.84 7979 (SERVERS-COM)
2 2 63.251.86.50 ()
1 1 37.157.5.84 198622 (ADFORM)
1 1 162.248.18.34 62713 (AS-PUBMATIC)
1 1 131.153.242.59 19437 (SS-ASH)
6 172.64.98.35 13335 (CLOUDFLAR...)
1 5 18.160.10.111 16509 (AMAZON-02)
1 2 54.156.16.64 14618 (AMAZON-AES)
1 1 34.233.0.32 14618 (AMAZON-AES)
2 2 54.158.172.237 14618 (AMAZON-AES)
1 1 23.105.12.143 30633 (LEASEWEB-...)
1 1 211.120.53.205 4694 (IDCF IDC ...)
5 9 8.43.72.98 26667 (RUBICONPR...)
3 3 69.173.151.100 26667 (RUBICONPR...)
8 13 8.43.72.97 26667 (RUBICONPR...)
1 13.107.42.14 8068 (MICROSOFT...)
1 67.220.228.202 16509 (AMAZON-02)
1 1 13.32.151.98 16509 (AMAZON-02)
1 1 52.85.132.15 16509 (AMAZON-02)
1 13.249.39.79 16509 (AMAZON-02)
1 184.31.48.28 ()
554 94
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
15    104.21.56.203 (None, )

ASN13335 (CLOUDFLARENET, US)
vast.gg
1    172.217.13.168 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f8.1e100.net
www.googletagmanager.com
4    172.217.13.138 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f10.1e100.net
fonts.googleapis.com
89    172.217.13.98 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net
pagead2.googlesyndication.com
cm.g.doubleclick.net
4    45.79.246.226 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: nb-45-79-246-226.nac.nodebalancer.linode.com
monu.delivery
2    192.0.73.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
6    172.217.13.163 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f3.1e100.net
fonts.gstatic.com
6    172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net
googleads.g.doubleclick.net
1    172.217.13.110 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f14.1e100.net
analytics.google.com
1    172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net
stats.g.doubleclick.net
1    172.217.13.131 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f3.1e100.net
www.google.ca
10    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
monumetric.technoratimedia.com
2    172.64.144.166 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    52.85.151.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-34.iad89.r.cloudfront.net
launchpad-wrapper.privacymanager.io
14    172.217.13.130 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
1    18.160.10.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-101.iad12.r.cloudfront.net
config.aps.amazon-adsystem.com
1    52.85.151.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-82.iad89.r.cloudfront.net
client.aps.amazon-adsystem.com
3    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
api.id5-sync.com
id5-sync.com
5    3.213.53.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-53-144.compute-1.amazonaws.com
g2.gumgum.com
6    195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
hb-api.omnitagjs.com
visitor.omnitagjs.com
5    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    8.43.72.113 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
22    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
13    147.28.129.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    69.166.1.32 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
19    68.67.179.166 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
5    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
5    178.128.132.116 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
prebid.cootlogix.com
11    34.206.181.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-181-88.compute-1.amazonaws.com
ads.yieldmo.com
11    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
x.serverbid.com
7    35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com
imps.monu.delivery
1    18.160.18.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-34.iad12.r.cloudfront.net
launchpad.privacymanager.io
5    3.162.114.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-114-30.iad61.r.cloudfront.net
aax.amazon-adsystem.com
2    13.249.42.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-42-27.iad89.r.cloudfront.net
c.amazon-adsystem.com
2    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    18.160.46.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-56.iad55.r.cloudfront.net
tags.crwdcntrl.net
1    99.84.222.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-222-71.iad79.r.cloudfront.net
cdn.prod.uidapi.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
11    172.217.13.161 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f1.1e100.net
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
cdn.ampproject.org
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
21    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.197.228.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-228-249.compute-1.amazonaws.com
bcp.crwdcntrl.net
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
4    18.235.40.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-40-85.compute-1.amazonaws.com
pr-bh.ybp.yahoo.com
13    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
8    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
5    23.62.10.28 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-10-28.deploy.static.akamaitechnologies.com
cs.media.net
hbx.media.net
3    54.147.5.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-5-36.compute-1.amazonaws.com
match.prod.bidr.io
3    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
2    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
2    34.196.72.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-72-246.compute-1.amazonaws.com
rtb.gumgum.com
6    52.70.20.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-20-227.compute-1.amazonaws.com
match.sharethrough.com
10    23.56.163.106 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-106.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
13    34.203.113.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-113-223.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
1    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
2    18.215.86.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-86-100.compute-1.amazonaws.com
i.liadm.com
2    13.32.151.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-42.iad66.r.cloudfront.net
live.rezync.com
4    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
5    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
1    192.132.33.69 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.69.bidtellect.com
bttrack.com
3    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
4    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    172.217.13.196 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f4.1e100.net
www.google.com
1    67.202.105.21 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
12    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
5    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
10    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    35.214.221.128 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 128.221.214.35.bc.googleusercontent.com
csync.loopme.me
8    23.56.162.28 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-28.deploy.static.akamaitechnologies.com
contextual.media.net
1    63.251.28.134 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
3    23.32.172.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-172-185.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    44.216.133.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-133-79.compute-1.amazonaws.com
tlx.3lift.com
68    172.217.13.198 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f6.1e100.net
s0.2mdn.net
5    75.101.132.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-132-149.compute-1.amazonaws.com
protected-by.clarium.io
4    23.56.163.154 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-154.deploy.static.akamaitechnologies.com
sync.teads.tv
2    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    192.184.68.254 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
2    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
gtrace.mediago.io
2    38.68.201.140 (Ashburn, United States)

ASN174 (COGENT-174, US)
aep.mxptint.net
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    20.237.30.240 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.temu.com
5    64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    5.161.188.99 (Ashburn, United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.99.188.161.5.clients.your-server.de
sync-dmp.mobtrakk.com
2    23.44.201.182 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-182.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
10    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
4    13.32.151.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-21.iad66.r.cloudfront.net
geo.privacymanager.io
3    99.84.208.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-208-59.iad79.r.cloudfront.net
check.analytics.rlcdn.com
1    172.105.199.172 (None, )

ASN- ()
a.c.appier.net
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
2    50.17.123.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-123-198.compute-1.amazonaws.com
match.360yield.com
1    3.217.134.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-134-136.compute-1.amazonaws.com
cc.adingo.jp
1    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    99.84.191.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-112.iad89.r.cloudfront.net
ats-wrapper.privacymanager.io
8    172.217.13.102 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f6.1e100.net
ad.doubleclick.net
3    172.64.99.35 (United States)

ASN13335 (CLOUDFLARENET, US)
ctxtfl.com
1    18.165.98.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-63.iad55.r.cloudfront.net
sync.serverbid.com
4    68.183.118.170 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.cootlogix.com
15    54.87.127.173 (None, )

ASN- ()
usersync.gumgum.com
2    54.146.35.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-35-99.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
4    8.18.45.105 (United States)

ASN25751 (VALUECLICK, US)
PTR: ric06-nessy-float1.dotomi.com
medianet-match.dotomi.com
pulsepoint-match.dotomi.com
2    54.227.205.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-205-3.compute-1.amazonaws.com
pm.w55c.net
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    34.242.96.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-96-184.eu-west-1.compute.amazonaws.com
synchrobox.adswizz.com
2    52.85.132.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-55.iad50.r.cloudfront.net
cdn.adswizz.com
delivery-cdn-cf.adswizz.com
1    172.240.155.84 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
2    63.251.86.50 (None, )

ASN- ()
ap.lijit.com
1    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    131.153.242.59 (United States)

ASN19437 (SS-ASH, US)
id.a-mx.com
6    172.64.98.35 (United States)

ASN13335 (CLOUDFLARENET, US)
services.ctxtfl.com
5    18.160.10.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-111.iad12.r.cloudfront.net
synchroscript.deliveryengine.adswizz.com
2    54.156.16.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-16-64.compute-1.amazonaws.com
dpm.demdex.net
1    34.233.0.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-0-32.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    54.158.172.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-172-237.compute-1.amazonaws.com
sync.ipredictive.com
1    23.105.12.143 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
1    211.120.53.205 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
9    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
13    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    67.220.228.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    13.32.151.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-98.iad66.r.cloudfront.net
live.primis.tech
1    52.85.132.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-15.iad50.r.cloudfront.net
sync.intentiq.com
1    13.249.39.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-79.iad89.r.cloudfront.net
sync1.intentiq.com
1    184.31.48.28 (None, )

ASN- ()
c21lg-d.media.net
Apex Domain
Subdomains		 Transfer
85 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
ad.doubleclick.net — Cisco Umbrella Rank: 199
447 KB
68 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
1 MB
43 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
eus.rubiconproject.com — Cisco Umbrella Rank: 951
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1520
token.rubiconproject.com — Cisco Umbrella Rank: 744
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 2017
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
81 KB
34 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
tpc.googlesyndication.com Failed
317 KB
31 amazon-adsystem.com
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
client.aps.amazon-adsystem.com — Cisco Umbrella Rank: 18035
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923
85 KB
24 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766
image8.pubmatic.com — Cisco Umbrella Rank: 1098
image2.pubmatic.com — Cisco Umbrella Rank: 1555
image6.pubmatic.com — Cisco Umbrella Rank: 1215
ads.pubmatic.com Failed
image4.pubmatic.com — Cisco Umbrella Rank: 2201
7 KB
22 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 757
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
dsum.casalemedia.com — Cisco Umbrella Rank: 2867
ssum.casalemedia.com — Cisco Umbrella Rank: 2058
14 KB
22 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2297
rtb.gumgum.com — Cisco Umbrella Rank: 2293
usersync.gumgum.com
12 KB
19 media.net
prebid.media.net — Cisco Umbrella Rank: 1682
cs.media.net — Cisco Umbrella Rank: 1972
contextual.media.net — Cisco Umbrella Rank: 1093
hbx.media.net
c21lg-d.media.net
38 KB
19 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
secure.adnxs.com — Cisco Umbrella Rank: 793
18 KB
15 id5-sync.com
api.id5-sync.com — Cisco Umbrella Rank: 19246
cdn.id5-sync.com — Cisco Umbrella Rank: 1218
id5-sync.com — Cisco Umbrella Rank: 658
71 KB
15 vast.gg
vast.gg
1 MB
13 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3407
cs.yellowblue.io — Cisco Umbrella Rank: 2654
6 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
5 KB
13 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2214
google-bidout-d.openx.net — Cisco Umbrella Rank: 2217
us-u.openx.net — Cisco Umbrella Rank: 930
rtb.openx.net — Cisco Umbrella Rank: 1007
3 KB
13 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 4534
sync.go.sonobi.com — Cisco Umbrella Rank: 1696
11 KB
13 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1119
sync.a-mo.net Failed
7 KB
12 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3547 Failed
sync.serverbid.com — Cisco Umbrella Rank: 23574
x.serverbid.com — Cisco Umbrella Rank: 16983
4 KB
11 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 1057
sync-amz.ads.yieldmo.com Failed
5 KB
11 monu.delivery
monu.delivery — Cisco Umbrella Rank: 49947
imps.monu.delivery — Cisco Umbrella Rank: 61418
199 KB
10 technoratimedia.com
monumetric.technoratimedia.com — Cisco Umbrella Rank: 70940
901 B
9 ctxtfl.com
ctxtfl.com — Cisco Umbrella Rank: 29740
services.ctxtfl.com — Cisco Umbrella Rank: 30961
25 KB
9 cootlogix.com
prebid.cootlogix.com — Cisco Umbrella Rank: 6397
sync.cootlogix.com — Cisco Umbrella Rank: 4443
8 KB
8 adswizz.com
synchrobox.adswizz.com — Cisco Umbrella Rank: 15947
cdn.adswizz.com — Cisco Umbrella Rank: 31293
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 5299
delivery-cdn-cf.adswizz.com — Cisco Umbrella Rank: 8107
24 KB
8 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 764
check.analytics.rlcdn.com — Cisco Umbrella Rank: 5570
api.rlcdn.com Failed
id.rlcdn.com — Cisco Umbrella Rank: 1360
2 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
3 KB
7 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
3 KB
7 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3854
launchpad.privacymanager.io — Cisco Umbrella Rank: 3300
geo.privacymanager.io — Cisco Umbrella Rank: 2674
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3237
109 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 881
5 KB
6 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 797
2 KB
6 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 3020
creativecdn.com — Cisco Umbrella Rank: 809
4 KB
6 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3973
visitor.omnitagjs.com — Cisco Umbrella Rank: 1124
2 KB
6 google.com
analytics.google.com — Cisco Umbrella Rank: 266
www.google.com — Cisco Umbrella Rank: 6
248 B
6 gstatic.com
fonts.gstatic.com
www.gstatic.com Failed
95 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 994
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 323
104 KB
5 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 2370
1 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
324 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
cm.adform.net — Cisco Umbrella Rank: 1664
3 KB
4 dotomi.com
medianet-match.dotomi.com — Cisco Umbrella Rank: 21295
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 15267
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 845
1 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2019
1 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1485
a.rfihub.com — Cisco Umbrella Rank: 5072
4 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
5 KB
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2396
2 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1105
2 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 972
1 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1479
sync1.intentiq.com — Cisco Umbrella Rank: 2959
2 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1536
958 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
1 KB
2 lijit.com
ap.lijit.com
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1932
832 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
2 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 597
dis.criteo.com — Cisco Umbrella Rank: 943
870 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
3 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3385
808 B
2 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2641
2 KB
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 4814
645 B
2 mxptint.net
aep.mxptint.net — Cisco Umbrella Rank: 12257
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338
533 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2302
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 979
1 KB
2 mediago.io
trace.mediago.io Failed
gtrace.mediago.io — Cisco Umbrella Rank: 6276
755 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1428
1 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1411
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431
12 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2295
188 KB
2 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 3313
9 KB
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2303
556 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
514 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 2129
839 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2881
602 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2556
695 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 2493
202 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4842
494 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 11414
419 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 14049
641 B
1 appier.net
a.c.appier.net
596 B
1 temu.com
www.temu.com — Cisco Umbrella Rank: 3942
514 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8834
553 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1348
465 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
516 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1467
248 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1511
503 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1566
352 B
1 3lift.com
eb2.3lift.com Failed
tlx.3lift.com — Cisco Umbrella Rank: 991
599 B
1 smartadserver.com
ssbsync-us.smartadserver.com Failed
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167
252 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3276
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2532
8 KB
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 2270 Failed
284 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 8688
408 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
80 KB
1 t.co
t.co — Cisco Umbrella Rank: 751
643 B
0 sitescout.com Failed
pixel-sync.sitescout.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 indexww.com Failed
js-sec.indexww.com Failed
0 uuidksinc.net Failed
s.uuidksinc.net Failed
0 smaato.net Failed
s.ad.smaato.net Failed
0 1rx.io Failed
sync.1rx.io Failed
0 criteo.net Failed
static.criteo.net Failed
0 jsdelivr.net Failed
cdn.jsdelivr.net Failed
0 minutemedia-prebid.com Failed
hb.minutemedia-prebid.com Failed
554 101
Domain Requested by
68 s0.2mdn.net t.co
s0.2mdn.net
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
61 cm.g.doubleclick.net 24 redirects google-bidout-d.openx.net
googleads.g.doubleclick.net
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
ads.yieldmo.com
rtb.gumgum.com
s.amazon-adsystem.com
28 pagead2.googlesyndication.com vast.gg
pagead2.googlesyndication.com
t.co
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
21 s.amazon-adsystem.com 3 redirects client.aps.amazon-adsystem.com
google-bidout-d.openx.net
s.amazon-adsystem.com
ssum-sec.casalemedia.com
cs-server-s2s.yellowblue.io
match.sharethrough.com
rtb.gumgum.com
bh.contextweb.com
16 ib.adnxs.com 8 redirects monu.delivery
googleads.g.doubleclick.net
s.amazon-adsystem.com
15 usersync.gumgum.com monu.delivery
rtb.gumgum.com
15 vast.gg t.co
vast.gg
13 pixel.rubiconproject.com 8 redirects s.amazon-adsystem.com
13 match.adsrvr.org 10 redirects vast.gg
monu.delivery
sync.serverbid.com
13 prebid.a-mo.net 7 redirects monu.delivery
s.amazon-adsystem.com
12 id5-sync.com 8 redirects cdn.id5-sync.com
monu.delivery
12 image8.pubmatic.com 12 redirects
11 ads.yieldmo.com 2 redirects monu.delivery
ads.yieldmo.com
10 sync.go.sonobi.com 7 redirects vast.gg
10 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
10 cs-server-s2s.yellowblue.io s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
match.sharethrough.com
ads.yieldmo.com
10 eus.rubiconproject.com s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
monu.delivery
sync.cootlogix.com
rtb.gumgum.com
eus.rubiconproject.com
10 monumetric.technoratimedia.com monu.delivery
9 token.rubiconproject.com 5 redirects eus.rubiconproject.com
9 securepubads.g.doubleclick.net monu.delivery
securepubads.g.doubleclick.net
8 x.serverbid.com sync.serverbid.com
8 ad.doubleclick.net t.co
8 contextual.media.net cs-server-s2s.yellowblue.io
monu.delivery
contextual.media.net
8 x.bidswitch.net 6 redirects vast.gg
contextual.media.net
8 us-u.openx.net 4 redirects google-bidout-d.openx.net
googleads.g.doubleclick.net
7 imps.monu.delivery vast.gg
6 services.ctxtfl.com ctxtfl.com
6 bh.contextweb.com 3 redirects s.amazon-adsystem.com
bh.contextweb.com
6 match.sharethrough.com 1 redirects s.amazon-adsystem.com
match.sharethrough.com
6 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
6 htlb.casalemedia.com monu.delivery
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
6 fonts.gstatic.com fonts.googleapis.com
5 synchroscript.deliveryengine.adswizz.com 1 redirects cdn.adswizz.com
synchroscript.deliveryengine.adswizz.com
5 creativecdn.com 5 redirects
5 b1sync.zemanta.com 5 redirects
5 cdn.ampproject.org cdn.confiant-integrations.net
5 protected-by.clarium.io 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
vast.gg
5 image2.pubmatic.com 5 redirects
5 www.googletagservices.com t.co
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
5 www.google.com t.co
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
vast.gg
5 aax.amazon-adsystem.com client.aps.amazon-adsystem.com
5 prebid.cootlogix.com monu.delivery
5 prebid.media.net monu.delivery
5 fastlane.rubiconproject.com monu.delivery
5 hbopenbid.pubmatic.com monu.delivery
5 hb-api.omnitagjs.com monu.delivery
5 g2.gumgum.com monu.delivery
4 sync.cootlogix.com monu.delivery
sync.cootlogix.com
vast.gg
4 pixel.tapad.com 3 redirects vast.gg
4 geo.privacymanager.io launchpad.privacymanager.io
ats-wrapper.privacymanager.io
4 sync.teads.tv 2 redirects googleads.g.doubleclick.net
4 c1.adform.net 4 redirects
4 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
4 cs.media.net 2 redirects contextual.media.net
4 pr-bh.ybp.yahoo.com 3 redirects google-bidout-d.openx.net
4 monu.delivery vast.gg
monu.delivery
4 fonts.googleapis.com vast.gg
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
t.co
cdn.confiant-integrations.net
3 pixel-us-east.rubiconproject.com 3 redirects
3 ctxtfl.com t.co
3 uipglob.semasio.net 3 redirects
3 check.analytics.rlcdn.com monu.delivery
3 secure-assets.rubiconproject.com 3 redirects
3 cs.yellowblue.io cs-server-s2s.yellowblue.io
3 ups.analytics.yahoo.com ssum-sec.casalemedia.com
vast.gg
s.amazon-adsystem.com
3 secure.adnxs.com 3 redirects
3 idsync.rlcdn.com 2 redirects ssum-sec.casalemedia.com
3 onetag-sys.com s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
sync.serverbid.com
3 match.prod.bidr.io 3 redirects
3 e.serverbid.com monu.delivery
3 apex.go.sonobi.com monu.delivery
2 pulsepoint-match.dotomi.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 dpm.demdex.net 1 redirects sync.serverbid.com
2 ap.lijit.com 2 redirects
2 id.rlcdn.com 1 redirects contextual.media.net
2 rtb.mfadsrvr.com 2 redirects
2 pm.w55c.net 2 redirects
2 medianet-match.dotomi.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 match.360yield.com 2 redirects
2 analytics.pangle-ads.com 2 redirects
2 sync-dmp.mobtrakk.com 2 redirects
2 rtb.openx.net 2 redirects
2 aep.mxptint.net 2 redirects
2 gtrace.mediago.io 2 redirects
2 a.rfihub.com 2 redirects
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
monu.delivery
2 p.rfihub.com 2 redirects
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 rtb.gumgum.com 1 redirects s.amazon-adsystem.com
rtb.gumgum.com
2 um.simpli.fi 2 redirects
2 oajs.openx.net 1 redirects vast.gg
2 cdn.id5-sync.com securepubads.g.doubleclick.net
t.co
2 c.amazon-adsystem.com client.aps.amazon-adsystem.com
2 cdn.confiant-integrations.net monu.delivery
cdn.confiant-integrations.net
2 secure.gravatar.com vast.gg
1 c21lg-d.media.net contextual.media.net
1 sync1.intentiq.com s.amazon-adsystem.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 px.ads.linkedin.com s.amazon-adsystem.com
1 tg.socdm.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 delivery-cdn-cf.adswizz.com synchroscript.deliveryengine.adswizz.com
1 id.a-mx.com 1 redirects
1 image4.pubmatic.com 1 redirects
1 ssum.casalemedia.com 1 redirects
1 cm.adform.net 1 redirects
1 sync.colossusssp.com sync.serverbid.com
1 cdn.adswizz.com sync.serverbid.com
1 synchrobox.adswizz.com sync.serverbid.com
1 dis.criteo.com 1 redirects
1 gum.criteo.com contextual.media.net
1 hbx.media.net contextual.media.net
1 sync.serverbid.com monu.delivery
1 ats-wrapper.privacymanager.io launchpad.privacymanager.io
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 image6.pubmatic.com 1 redirects
1 cc.adingo.jp 1 redirects
1 aid.send.microad.jp 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
1 a.c.appier.net 1 redirects
1 www.temu.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 cms.quantserve.com 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
1 tlx.3lift.com monu.delivery
1 ads.stickyadstv.com 1 redirects
1 csync.loopme.me 1 redirects
1 ssc-cms.33across.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 bttrack.com 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 s.seedtag.com monu.delivery
vast.gg
1 api.id5-sync.com monu.delivery
1 client.aps.amazon-adsystem.com monu.delivery
1 config.aps.amazon-adsystem.com monu.delivery
1 launchpad-wrapper.privacymanager.io monu.delivery
1 www.google.ca vast.gg
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 www.googletagmanager.com vast.gg
1 t.co
0 pixel-sync.sitescout.com Failed bh.contextweb.com
0 match.deepintent.com Failed rtb.gumgum.com
0 js-sec.indexww.com Failed monu.delivery
0 sync.a-mo.net Failed monu.delivery
0 ads.pubmatic.com Failed monu.delivery
sync.serverbid.com
rtb.gumgum.com
0 api.rlcdn.com Failed monu.delivery
0 s.uuidksinc.net Failed 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
0 tpc.googlesyndication.com Failed t.co
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
vast.gg
0 www.gstatic.com Failed t.co
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
0 eb2.3lift.com Failed s.amazon-adsystem.com
monu.delivery
0 sync-amz.ads.yieldmo.com Failed s.amazon-adsystem.com
0 ssbsync-us.smartadserver.com Failed s.amazon-adsystem.com
0 trace.mediago.io Failed s.amazon-adsystem.com
0 s.ad.smaato.net Failed s.amazon-adsystem.com
0 sync.1rx.io Failed s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
ads.yieldmo.com
0 static.criteo.net Failed securepubads.g.doubleclick.net
0 cdn.jsdelivr.net Failed securepubads.g.doubleclick.net
0 hb.minutemedia-prebid.com Failed monu.delivery
554 170

This site contains links to these domains. Also see Links.

Domain
twitter.com
facebook.com
estudiopatagon.com
Subject Issuer Validity Valid
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-04 -
2025-01-02		 a year crt.sh
vast.gg
E1		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.monu.delivery
Sectigo RSA Domain Validation Secure Server CA		 2023-02-23 -
2024-03-25		 a year crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.technoratimedia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-12 -
2024-09-16		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
client.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-12-20 -
2025-01-18		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2023-11-17 -
2024-12-15		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.a-mo.net
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.cootlogix.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-19 -
2024-11-17		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-08-14 -
2024-09-12		 a year crt.sh
*.consumableaudio.com
R3		 2023-10-30 -
2024-01-28		 3 months crt.sh
imps.monu.delivery
GTS CA 1D4		 2024-01-09 -
2024-04-08		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-29 -
2024-04-15		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M03		 2023-11-16 -
2024-12-15		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-06-27 -
2024-07-24		 a year crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2023-10-03 -
2024-11-03		 a year crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2024-01-05 -
2024-04-04		 3 months crt.sh
ctxtfl.com
E1		 2024-01-11 -
2024-04-10		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
sync.serverbid.com
Amazon RSA 2048 M02		 2023-03-22 -
2024-04-19		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-09		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.adswizz.com
Amazon RSA 2048 M02		 2023-06-21 -
2024-07-19		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2023-09-08 -
2024-10-09		 a year crt.sh
services.ctxtfl.com
GTS CA 1P5		 2023-12-13 -
2024-03-12		 3 months crt.sh
deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-07-04 -
2024-08-01		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh

This page contains 62 frames:

Primary Page: https://vast.gg/
Frame ID: 7B0A2AD8DB27CCC8AE525AF589819B25
Requests: 168 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: D8E3E1976594A852965B9E27444AEDC1
Requests: 1 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: FCE0B0E87E65217687E99BB54AA816AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5586516597684174&output=html&adk=1812271804&adf=3025194257&lmt=1705033189&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C164x810_r&format=0x0&url=https%3A%2F%2Fvast.gg%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705033189418&bpp=4&bdt=253&idt=273&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4779225305804&frm=20&pv=2&ga_vid=680730703.1705033189&ga_sid=1705033190&ga_hid=1666817499&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080260%2C31080263%2C31080265&oid=2&pvsid=228952408183555&tmod=1253493320&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Ft.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=298
Frame ID: A8442FFEC647225BE542750409D2AE24
Requests: 1 HTTP requests in this frame

Frame: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D3B2B812A259B2713BA766867F62DE30
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&dcc=t
Frame ID: 36B578FAE29A38BE0AD3E1CCFF3DA63C
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 3CC258E4DF9D73C6C41CC1ED74D26CDD
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 198092A5920BC2CB66DCC29E14207350
Requests: 9 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 67310D30FE1259AFA727002522092630
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 0DCC36529F95F49C704905E388F2187F
Requests: 10 HTTP requests in this frame

Frame: https://ssbsync-us.smartadserver.com/api/sync?callerId=2
Frame ID: 3FEE60F8BC418456B9FD8490B6D1C708
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=2d87db8b95783bc6c08947e63a42ca46
Frame ID: 0EEB9F13B6ABD05066CE2C152E970085
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 77D4386CD1AE62333157E3723D4AA89C
Requests: 6 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: B3F713F3CADF307CB3C5D8881146D6B5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 26A6792225D11BB690638EDB9B6741E5
Requests: 20 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: 3209889795C66BE416F57929D7218C11
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=1554685320975062049&ex=appnexus.com
Frame ID: 42A1E0E23C4FC9A0B2F007C7C83CA33F
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Frame ID: 85B0180B00AF23D1014D071A1EB4DE28
Requests: 13 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Frame ID: 99181C7D1F1B32EB148283738FAFC85E
Requests: 1 HTTP requests in this frame

Frame: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BD70A964BF48BABA7929E21ED47F8571
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Frame ID: 2604F2D51A93B8D3EB171B03ECDA652D
Requests: 21 HTTP requests in this frame

Frame: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 33DD1F7118B806472E97E51837D03C5F
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: A4A3AE9DA14784F6444E72DAA8C1B823
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: E8FF9D265C6F9B0587BE5C86FC7C1F32
Requests: 4 HTTP requests in this frame

Frame: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0DC80F9D2EC23917E437BCF4A09E4589
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeVmwEQ-bW9AhjKmODkATAB&v=APEucNW8Ij2Bd10mF2EBAViVMfZzETkhSPfHMDJ7vbCzMiWLnzUAYSvwF02fgqjgrs0CXrkOhoOLahTxpxiwYR5i2Fowiap5tw
Frame ID: 242990A74CE8AE3180147EA4E8CD1BB8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CB6A17889B8F757AEA1099A7AB7608BE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNWooE2IL1rSQY5SRoPR6-LovUWFLNCjCyTTdZqmmxQcmZQ24-QuXU884kOkH-ZlBExsRPv7X70mRZl9pam_uZWQ36hlIA
Frame ID: 59A78B43169C4CDDA6BF47D7F9629FDD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EB51DDE888DE4606B239318AB2933587
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: A3610F3CDCB372247389E6F19232D5C5
Requests: 15 HTTP requests in this frame

Frame: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7E91FA5531D832420BCF430C9077A549
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNX9Bxy27ujOLPS-97kNWo1cWL1epxpPer6CoSxJzVZFwNG4rQFhJs6CSAupgMn4qzxEh9XB9piMj12kmxfqLI9Wl7gbpA
Frame ID: C2586FBD479CA4F98416750EDFA5409C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0475F3CBEC5A6D661DEE7941C4B150FC
Requests: 7 HTTP requests in this frame

Frame: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 80448FD1434058FE029E96675AB9F188
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNV7B4kCuQ_LvWC3HWCjcPy8a9RJtncwFZmGklitrr-56hI8oHJ23ISYW-fSKNPKtGjzlw4fZu4EZFeuvSMv1FHx7Z2fOQ
Frame ID: E9BAB67C73D355C31BE2E578A723E4DB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A833A77E6B850C2B5222DCF2C8CDBA0D
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
Frame ID: AB0DE2527B6712C4A815642575A0938A
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Frame ID: 6554F73AAB77FA576559F21F57CAAEB5
Requests: 17 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Frame ID: A5B26E7A24DCFD268158E5E25A38CBE0
Requests: 17 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Frame ID: 285C652D01E53AED27CBC27DB102D133
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 83288FBD45D1D11878FF24B17E0AE2CE
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000033.html
Frame ID: AB6998A692452E4B465D0630185E7B4A
Requests: 14 HTTP requests in this frame

Frame: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CqgBSgd2YXN0LmdnUgthYXMtNGEyYmY5N1oIcGJhMS4zLjNqB3Zhc3QuZ2f6AQY4LjEyLjDoAgGIA-X7gq0GqAMW6gMkNWE1NjAyOTctMzJmZi00NThmLThkNDQtZjQyMDAxZDJlNTFiqgQDRENIsgUDVVNE0gUJMTA1MTk5NTM02AUB4AUB6gUHZGVza3RvcPoFBGRjMTOqBwN3ZWLKBwd2YXN0Lmdn4AcB
Frame ID: 24F8F1E1C432EF237435FFD8B72641ED
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 79DE0BACEB945153394DF78ABAE745A3
Requests: 2 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: A2A256525A2CE38AC12609010F6446FE
Requests: 4 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 4EEF97F1BE30E73E821BDAF8A8000666
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: C5DFCDCD7EECB6D37B3AD2AABCC98F2D
Requests: 6 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=4444335064546968693&gdpr=0&gdpr_consent=
Frame ID: 2EE900DDDF55DC63F274C7E4CF6875C8
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C157%2C2028%2C159%2C2026%2C117%2C437%2C97%2C99%2C56%2C59%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: A1207DC21A5853E5B29F3A8DF3154BAB
Requests: 14 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4A12B8DCA2FE0E8496F80D6452ED30AF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=eed2eaaf-00bb-4420-a928-2f23eaabab2e
Frame ID: E70825822930DB51DA2991F00CB0A0B9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 50B0823E3A72C945573F842E78A99647
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Frame ID: 0D6CD3D2C149A096C2190DF02D6C2570
Requests: 1 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: A84BEA91879D05983F15C8599D071F0D
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Frame ID: 4ACEC89E2BFDC7100CCFF8CB2BF9827D
Requests: 4 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=4444335064546968693&gdpr=&gdpr_consent=
Frame ID: 69995C531036825A4C32162A516C2FB5
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9hYzNlMjc4Yi1hODZkLTRjNGMtYjRhNy01MTE3MmIzOTgxMjA=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: C13B54E54C21799886F87F5D6FA66982
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 333CC88C6054CAED43800300798A6378
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=eed2eaaf-00bb-4420-a928-2f23eaabab2e
Frame ID: E7A34320533826EFD90B9A4F5D16328E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZaC97MCo5tIAAFlcHykAAAAA
Frame ID: 1F497A189D4B037234D463A9640D22E0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=s0hGJT2UhZxkdz_RIUaYOqtQMLtoxVNdAMhx-d0beh0&pi=gumgum
Frame ID: 762C15A9200142764E8B259D40E1F170
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 003C1BF5F7B14838929F60F51589D427
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vast Giveaways: Find the best giveaways & sweepstakes to enter

Page URL History Show full URLs

  1. https://t.co/XJ0eEiJe3Z Page URL
  2. https://vast.gg/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

554
Requests

68 %
HTTPS

0 %
IPv6

101
Domains

170
Subdomains

94
IPs

8
Countries

4746 kB
Transfer

10723 kB
Size

178
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/XJ0eEiJe3Z Page URL
  2. https://vast.gg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 127
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fvast.gg%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fvast.gg%2F&rid=esp&cc=1
Request Chain 128
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&dcc=t
Request Chain 132
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=eb442374-4d2a-c4a9-0f51-dc9d475894f3 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=eb442374-4d2a-c4a9-0f51-dc9d475894f3&dcc=t
Request Chain 133
  • https://match.adsrvr.org/track/cmf/openx?oxid=b3925f09-5180-7f53-cf5f-5e0a2f6b5f13&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=b3925f09-5180-7f53-cf5f-5e0a2f6b5f13&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=eed2eaaf-00bb-4420-a928-2f23eaabab2e&ttd_puid=b3925f09-5180-7f53-cf5f-5e0a2f6b5f13&gdpr=0&gdpr_consent=
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELjhtYBjdRIrNzKKlqBHgHs&google_cver=1
Request Chain 138
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=
Request Chain 140
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3480347936485244000V10
Request Chain 141
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AADb_E7LQXwAABY0dGhijw&ex=beeswax.com
Request Chain 144
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=3C78DC01D4294A9FABEF6EE7FD61E80E&ex=simpli.fi&status=ok
Request Chain 147
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 149
  • https://visitor.omnitagjs.com/visitor/bsync?uid=ee28081dc141859df3e9c39bf89f63cf&name=AMAZON&url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadyoulike.com%26id%3D%7BuserId%7D HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=2d87db8b95783bc6c08947e63a42ca46
Request Chain 153
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 154
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1554685320975062049&ex=appnexus.com
Request Chain 162
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZaC95o6bVgJB-YJxFA.I2gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMn6tP5uGSWE02PL1KzXUSU&google_cver=1&google_hm=2
Request Chain 163
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaC95o6bVgJB-YJxFA.I2gAA%263568&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaC95o6bVgJB-YJxFA.I2gAA%263568&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=de64b98835ec403e92f10be73d07ab77 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=de64b988-35ec-403e-92f1-0be73d07ab77 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=f4867bc9-585e-4cc3-96db-9c572d611471%3A1705033192.3103857&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Df4867bc9-585e-4cc3-96db-9c572d611471%253A1705033192.3103857%26_%3D1705033192.3134682&cb=1705033192.3135023 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2809753620087717693&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Df4867bc9-585e-4cc3-96db-9c572d611471%253A1705033192.3103857%26_%3D1705033192.3134682 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=f4867bc9-585e-4cc3-96db-9c572d611471%3A1705033192.3103857&_=1705033192.3134682 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdmNDg2N2JjOS01ODVlLTRjYzMtOTZkYi05YzU3MmQ2MTE0NzE6MTcwNTAzMzE5Mi4zMTAzODU3EAAaDQjq-4KtBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAIiQxFLitIz-bN7vNwOdXQ&google_cver=1
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaC95o6bVgJB_YJxFA-I2gAADfAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDhOuBZTbztQrY0j_tHx4ZM&google_cver=1
Request Chain 165
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1554685320975062049
Request Chain 166
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=c6507ff1-2985-4e7d-bb99-3d8278d5aa08
Request Chain 168
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4444335064546968693&expiration=1706242791
Request Chain 195
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212417877639277
Request Chain 196
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=cb4ae8d5-d89d-45df-aaea-cce106fcfd6e&gdpr=0
Request Chain 197
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=1554685320975062049&gdpr=0&gdpr_consent=
Request Chain 198
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjZFMDAwNEMtNkI2OC00RkI3LThERTAtRTIwNUVDNjBGQkIz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3
Request Chain 199
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
Request Chain 201
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=33f75148-604f-4b7e-ae80-c7bb10e57a4b&gdpr_consent=null&gdpr=0
Request Chain 203
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=
Request Chain 204
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=5b92439f-866f-4216-8418-02980ec28b50
Request Chain 205
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=d6ea2a11daebb01cf2226fafa973dca7&gdpr_consent=&gdpr=0
Request Chain 212
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENpWGI1tWL1CdnEs0_F2864&google_cver=1
Request Chain 255
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaC95o6bVgJB-YJxFA.I2gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-kLIMUuchnqowBVmVbVl8&google_cver=1&google_hm=2
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENkz2gciLFfYT5qlOs8GDdg&google_cver=1
Request Chain 257
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1NDY4NTMyMDk3NTA2MjA0OQ%3D%3D
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFd58HVeUQVsNDfEpimoL10&google_cver=1
Request Chain 259
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWZmZDhjYzMtOThmNy0yMWY3LWRhYmYtMDRiM2U1ODk5MTcz
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEA5hqtczpv3ycSyOPoz-ApE&google_cver=1
Request Chain 261
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjIyODVkOWYtY2NjNS00MDk4LWEwMmYtYTgxN2NiZTc2M2Mx
Request Chain 278
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEH2pkiDVN3eO0pLplBDI0Z0&google_cver=1&google_push=AXcoOmSg0R1Z4AUNYrZ2vNhhoC6EgIgrxFTqV-NrYXkfH5ETHAXjFjLDFkooM6tdvSjG9ZgRZ4ulA187ylh6dbyhWji9h_JI7x8i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSg0R1Z4AUNYrZ2vNhhoC6EgIgrxFTqV-NrYXkfH5ETHAXjFjLDFkooM6tdvSjG9ZgRZ4ulA187ylh6dbyhWji9h_JI7x8i&google_hm=eS1Hc2ltZFZCRTJwRjlVUTVjOHUuWUhmV0lkd2tSQnEuSX5B
Request Chain 280
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQNvAErTkVmHkkcaeNSV28G74_8SenMVxoFQzQst76xMV2aU0G8sB6L42KNJ84M1RCs1zdPjyM4gDEquxi9DbuyIEKKyyzS%26google_hm%3D%5BUID%5D&google_gid=CAESEMWoR3o2SfwfbVXV4na8gHE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQNvAErTkVmHkkcaeNSV28G74_8SenMVxoFQzQst76xMV2aU0G8sB6L42KNJ84M1RCs1zdPjyM4gDEquxi9DbuyIEKKyyzS&google_hm=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
Request Chain 281
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESELRQVFrVjE9j4M4XfIIUkuw&google_cver=1&google_push=AXcoOmS5vWub96LZj4rePXUUyyJcHlBPMGKFVyK-sUXtFHgtLKskIbPm8IUm4RrKJ3fzlzoDYRyKHrBP31f9MpYfGbzHBjva-nk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS5vWub96LZj4rePXUUyyJcHlBPMGKFVyK-sUXtFHgtLKskIbPm8IUm4RrKJ3fzlzoDYRyKHrBP31f9MpYfGbzHBjva-nk&google_hm=NzM2ODQ0NjMzODQwNDAxNTYxOQ==
Request Chain 282
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEEtq9Q_-qWLP8Mxr0GbNqKU&google_cver=1&google_push=AXcoOmT8RFDshlmO3LVyNTC_ivB1n2GAJA-mOHRRzszXjkpScAZOchm09KfG93ntQy8oPDQ_ScN9-BYu5NAw5YTljRKrZ4s1cdQD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT8RFDshlmO3LVyNTC_ivB1n2GAJA-mOHRRzszXjkpScAZOchm09KfG93ntQy8oPDQ_ScN9-BYu5NAw5YTljRKrZ4s1cdQD&google_hm=acc8ce73440cc9fd2nzx8f00lra4qsog
Request Chain 283
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFxGU2UFMb8iw4wISwjCbIU&google_cver=1&google_push=AXcoOmTfCFTB_r_2JnsISjjfCPCnGFoEwpFCjtq_9dYD8i-qJesOAcC11FEuLrzp5CYJuxPa4pRwRYz0riZL7Fjey4VraS2d9V1AMQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTU1NDY4NTMyMDk3NTA2MjA0OQ%3D%3D&google_gid=CAESEFxGU2UFMb8iw4wISwjCbIU&google_cver=1&google_push=AXcoOmTfCFTB_r_2JnsISjjfCPCnGFoEwpFCjtq_9dYD8i-qJesOAcC11FEuLrzp5CYJuxPa4pRwRYz0riZL7Fjey4VraS2d9V1AMQ
Request Chain 285
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEDi2rn7A4lE_yFgbaQ5K7Qw&google_cver=1&google_push=AXcoOmSkDK-DOH-e7Tm8LSWBYhx9F32FLjIb8GU7Qm_l42XS3nw7rV2eNwXqhLJOpyuzL8GpPvJsrUz2WLHlbYDleGd6fgVW3w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSkDK-DOH-e7Tm8LSWBYhx9F32FLjIb8GU7Qm_l42XS3nw7rV2eNwXqhLJOpyuzL8GpPvJsrUz2WLHlbYDleGd6fgVW3w&google_hm=UjM1Q0E1XzEwRjI3QjA3Nl9BRjI3QTZBMw%3D%3D
Request Chain 286
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESENDJEA2Jhp2wUDxzW6Gzn1k&google_cver=1&google_push=AXcoOmQ_gkLomjw82jafFLxMsxQgXJXnqxGH5rXY8w85TVP3YAQ3V5Oujc_6kmOYilZ6dvYItqKNPeRcqL6CREvippJwG5r2wFA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6Aud_JcxRMEWmUL-ROMVcQ&google_push=AXcoOmQ_gkLomjw82jafFLxMsxQgXJXnqxGH5rXY8w85TVP3YAQ3V5Oujc_6kmOYilZ6dvYItqKNPeRcqL6CREvippJwG5r2wFA
Request Chain 287
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKNBl7MlfSYdm10Xxz80e8g&google_cver=1&google_push=AXcoOmQ4Fb3Eyn0gFE3Vg0EGK9GuGglAy3ex5XPQSjyM6d31LEI_qkt8XxL-NbuC83RxMxl_ghhhbrziyPld9tJv7YIDOg4k2Tg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQ4Fb3Eyn0gFE3Vg0EGK9GuGglAy3ex5XPQSjyM6d31LEI_qkt8XxL-NbuC83RxMxl_ghhhbrziyPld9tJv7YIDOg4k2Tg&google_hm=bMTVNfgGxn0pKxK9_HJlqQ==
Request Chain 288
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRKcwvRKckIHem5DZtBeSFQfWUv_NO1Fp2Y-cq3cWTOHBnc5FmdgdtWjq9u6cO5Sn9cb3BHxMdSWwNTe8QRtHnMZokpMCM%26google_hm%3D%5BUID%5D&google_gid=CAESEEtj-eDsj0SDtQu5nudPJZw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRKcwvRKckIHem5DZtBeSFQfWUv_NO1Fp2Y-cq3cWTOHBnc5FmdgdtWjq9u6cO5Sn9cb3BHxMdSWwNTe8QRtHnMZokpMCM&google_hm=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
Request Chain 289
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEF0FJUekYknTgSYFPKSXlFk&google_cver=1&google_push=AXcoOmSmPVqBk2ovEOtbWV372i_PsveXY0Zff6J2GHKdFDqqT3yCXQCX7Eu8oBXen7wTCv-0_3543cwMyKC1-A40ELKW2MppyMA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSmPVqBk2ovEOtbWV372i_PsveXY0Zff6J2GHKdFDqqT3yCXQCX7Eu8oBXen7wTCv-0_3543cwMyKC1-A40ELKW2MppyMA&google_hm=VkV6WTdjY1FRWWM5RUtiZVFzUjI=
Request Chain 290
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAkKUkXcGMtWPb_xODc72ls&google_cver=1&google_push=AXcoOmR8q3aTm-HHX2COe5p3uDwJBbb5TULfjSZSTJT6wb25aVUMiQyqlXQgp9hMPbO_X7xNXhHvOIW45p9sGFqfsZxwaG0wSUw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=&%%GOOGLE_PUSH_PAIR%%
Request Chain 291
  • https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEMa4P3N5CJZL0cO1fR7jyr0&google_cver=1&google_push=AXcoOmSRBZMr4tewnlrwnEAw09W94o5ESA40pDUnsnFsAbsv6KXLiJrTvFOsQjWEp0e6yPnRU-5EVPaOkJSxM8BNuW0okQoxJbiQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSRBZMr4tewnlrwnEAw09W94o5ESA40pDUnsnFsAbsv6KXLiJrTvFOsQjWEp0e6yPnRU-5EVPaOkJSxM8BNuW0okQoxJbiQ
Request Chain 297
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=eed2eaaf-00bb-4420-a928-2f23eaabab2e&gdpr=0&gdpr_consent=
Request Chain 298
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZWQzMzk0YWMtNWJkYi00NDliLTgwZTQtYzk5ZDQwMGE2OWFm HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 299
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDg4REY1OUEtQUExMC00NUNELUJBREUtMEVCQzQ2N0QzOUEw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3
Request Chain 300
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent= HTTP 302
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=&s=2 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=VroS-ap-kEY3jeE8vPTy&gdpr=0
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-kLIMUuchnqowBVmVbVl8&google_cver=1
Request Chain 315
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaC95o6bVgJB-YJxFA.I2gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-kLIMUuchnqowBVmVbVl8&google_cver=1&google_hm=2
Request Chain 316
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENkz2gciLFfYT5qlOs8GDdg&google_cver=1
Request Chain 317
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1NDY4NTMyMDk3NTA2MjA0OQ%3D%3D
Request Chain 318
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEJvhv0QAoIC4GYu9dsUK_Fc&google_cver=1&google_push=AXcoOmT51YTeY2HSpE3_qURGbf34XIgT5qlRewShOl4McNr0-N7I1pNTIhdbFCtuFxH29qy_cpLHhG2rb4uSALXdrAj2c9PVJFU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmT51YTeY2HSpE3_qURGbf34XIgT5qlRewShOl4McNr0-N7I1pNTIhdbFCtuFxH29qy_cpLHhG2rb4uSALXdrAj2c9PVJFU&google_hm=UjM1Q0E1XzEwRjI3QjA3Nl9BRjI3QUNCRA%3D%3D
Request Chain 319
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEF21O9NwFOM2AP1Lq3v8e9M&google_cver=1&google_push=AXcoOmRhYsYUGEW7W2gDEnX3S-pTvgJJGis_Op6TrkAyjndFLWOu78yWCO2ummeJqBOAcegdn5N2wgn6H3uWZPXT7yPSbCJ08cFF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRhYsYUGEW7W2gDEnX3S-pTvgJJGis_Op6TrkAyjndFLWOu78yWCO2ummeJqBOAcegdn5N2wgn6H3uWZPXT7yPSbCJ08cFF&google_hm=MzcyOTgwNzUyMjQyODM3NDMwMQ==
Request Chain 320
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFgjn41OBafsTuwC1zwZKpg&google_cver=1&google_push=AXcoOmQ42XoHQM21-ND2NBrED7Z7zeNRaA6rr4wgbk5Lv50HVtynVBZNdV76bueytzwtL74BOOTnHc1rgzm5NLMMcrMyNsggSDo HTTP 302
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFgjn41OBafsTuwC1zwZKpg&google_cver=1&google_push=AXcoOmQ42XoHQM21-ND2NBrED7Z7zeNRaA6rr4wgbk5Lv50HVtynVBZNdV76bueytzwtL74BOOTnHc1rgzm5NLMMcrMyNsggSDo&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NmQ4MjQzMGRlZGJiODFhNg&google_push=AXcoOmQ42XoHQM21-ND2NBrED7Z7zeNRaA6rr4wgbk5Lv50HVtynVBZNdV76bueytzwtL74BOOTnHc1rgzm5NLMMcrMyNsggSDo
Request Chain 321
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEDVqmorhoy4Se3bAmrxjaMI&google_cver=1&google_push=AXcoOmQYI3P15AMZP1ed_OOBRsRpd3coiucAGt0g7bDvGmnfvCw1fox1apb6LebEstMMOnWVKeUr1vrqpSyh5Yas0U_ihcvGDCFF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQYI3P15AMZP1ed_OOBRsRpd3coiucAGt0g7bDvGmnfvCw1fox1apb6LebEstMMOnWVKeUr1vrqpSyh5Yas0U_ihcvGDCFF&google_hm=acc8ce73e02e8bfc24ucc500lra4qsoh
Request Chain 322
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESED5Qv-u1gGIKCSs0FtZtMSg&google_cver=1&google_push=AXcoOmS8uw0GGWXNsrQzn-o7xRnTfpPgmtCmQcimMLEm74zqtAQPwCtSUBN97fpkKFAgKSqDvYfjLAtUNVmxBQR5rOb8cWvnv9U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmS8uw0GGWXNsrQzn-o7xRnTfpPgmtCmQcimMLEm74zqtAQPwCtSUBN97fpkKFAgKSqDvYfjLAtUNVmxBQR5rOb8cWvnv9U
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELjhtYBjdRIrNzKKlqBHgHs&google_cver=1
Request Chain 344
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWZmZDhjYzMtOThmNy0yMWY3LWRhYmYtMDRiM2U1ODk5MTcz
Request Chain 345
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEA5hqtczpv3ycSyOPoz-ApE&google_cver=1
Request Chain 346
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWMyZDk3OWEtNTU1OC00YTg4LTk5MTEtNTgxNzU2NTBiYTlj
Request Chain 347
  • https://a.c.appier.net/gcm?google_gid=CAESECJK740dvOxZWFuFXpfDyrA&google_cver=1&google_push=AXcoOmTJBpuJXhsoValPljGLcfUc7XXozxdiejx9gMKDmgeIMXo2mgP2ronPZTsylW2J-a5-lD6kUINPxENc_YP868Hj4veeZgs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=U051MXYwVVFESXkxTk5DdDhMMmdaUQ%3D%3D&google_push=AXcoOmTJBpuJXhsoValPljGLcfUc7XXozxdiejx9gMKDmgeIMXo2mgP2ronPZTsylW2J-a5-lD6kUINPxENc_YP868Hj4veeZgs
Request Chain 350
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAog_9dXSkEdAMDPnKFfrro&google_cver=1&google_push=AXcoOmSEz2MvbfFBixAmzrffcSZiX7OI_WyobRZIic-Z4_wZ-d4yoc-QDXJMhMQnYHHSN0M7ubt5b8bAHGk_xr3lXAsnuVBXsy8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSEz2MvbfFBixAmzrffcSZiX7OI_WyobRZIic-Z4_wZ-d4yoc-QDXJMhMQnYHHSN0M7ubt5b8bAHGk_xr3lXAsnuVBXsy8&google_hm=VnJvUy1hcC1rRVkzamVFOHZQVHk=
Request Chain 351
  • https://match.360yield.com/match/ebda?google_gid=CAESEARUKutxzVdc_T-Yq40F7o0&google_cver=1&google_push=AXcoOmSpfBgtUqZFkx5MWAr4hYXeiNESc1y9xfMLiWvsAKUKuJ1-76uB4KTAQ6r2_7gM1ZkrpSTIzrC0e0gGLyHGylNCNxWBwg HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEARUKutxzVdc_T-Yq40F7o0&google_cver=1&google_push=AXcoOmSpfBgtUqZFkx5MWAr4hYXeiNESc1y9xfMLiWvsAKUKuJ1-76uB4KTAQ6r2_7gM1ZkrpSTIzrC0e0gGLyHGylNCNxWBwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PkYR0nTRTi-h1MRl-EMrkw&google_push=AXcoOmSpfBgtUqZFkx5MWAr4hYXeiNESc1y9xfMLiWvsAKUKuJ1-76uB4KTAQ6r2_7gM1ZkrpSTIzrC0e0gGLyHGylNCNxWBwg
Request Chain 352
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEGEiHR1fgAXUuFyLK2naxz4&google_cver=1&google_push=AXcoOmRSRf8jFAHi2s2kcfdFHGjXS2Hil779C9JxvKfHHwLOu_CLpvIUN7EyhGfnHeMKlQ_9gC-_6P8CD8CS3NSYPZUkOephGbk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmRSRf8jFAHi2s2kcfdFHGjXS2Hil779C9JxvKfHHwLOu_CLpvIUN7EyhGfnHeMKlQ_9gC-_6P8CD8CS3NSYPZUkOephGbk&google_hm=5c2706b8679c7315b36d158e4439434f
Request Chain 353
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAMCU0nyVWeOKaK9A9Pk3Tc&google_cver=1&google_push=AXcoOmSbOsj_nC5lpr3dSCHX7PQYgs9P03zzgw5n0qlpng-h-WGjLnqfJCQGY5eWCartw6VieRSYdPiL9mzuKbbF3osxawNKLhg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSbOsj_nC5lpr3dSCHX7PQYgs9P03zzgw5n0qlpng-h-WGjLnqfJCQGY5eWCartw6VieRSYdPiL9mzuKbbF3osxawNKLhg
Request Chain 355
  • https://id5-sync.com/i/1013/8.gif?id5id=ID5*UJvnDwYyCQrYnTFGeQSn6X_uHF2N6PMUaZXvNiTKsTZ7-VRAquhBE7gm7-mS3l4ae_ohJ3i3Tc6R8YZzHBvWeA&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=eed2eaaf-00bb-4420-a928-2f23eaabab2e&ttl=%%TTL%% HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F434%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/1013/434/6/3.gif?puid=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F441%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1013/441/5/4.gif?puid=u_ac3e278b-a86d-4c4c-b4a7-51172b398120&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/1013/2/4/5.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1013/2/4/5.gif?puid=1554685320975062049&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F429%2F3%2F6.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/1013/429/3/6.gif?puid=B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/1013/112/2/7.gif?puid=318D3361E203BB5&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F108%2F1%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1013/108/1/8.gif?puid=b864f3c7-a81f-4837-ab77-1c63f50731ac&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=MzE4RDMzNjFFMjAzQkI1&gdpr=0&gdpr_consent=&id5=ID5-a6f3N5-INukwsHpIqSbVTkOdYbxFcihYOG4KFWcwCg HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEPy32b9mIh9cLr1SDscyPNA&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-a6f3N5-INukwsHpIqSbVTkOdYbxFcihYOG4KFWcwCg&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
Request Chain 381
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=4444335064546968693&gdpr=0&gdpr_consent=
Request Chain 384
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=eed2eaaf-00bb-4420-a928-2f23eaabab2e
Request Chain 385
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=F92ol66bVqpfoy5HdaC5PLnVUPQ
Request Chain 386
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=s0hGJT2UhZxkdz_RIUaYOqtQMLtoxVNdAMhx-d0beh0&pi=sonobi&tc=1
Request Chain 387
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4ba74d4dae&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=eed2eaaf-00bb-4420-a928-2f23eaabab2e&pubid=4ba74d4dae HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b864f3c7-a81f-4837-ab77-1c63f50731ac%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=eed2eaaf-00bb-4420-a928-2f23eaabab2e&ttd_puid=b864f3c7-a81f-4837-ab77-1c63f50731ac%2C%2C
Request Chain 388
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=3729807522428374301
Request Chain 390
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzU0RjYwMzMtRUYyNi00NUQ5LUJGMTctQzkwNjFBRDUyMDEz&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3
Request Chain 393
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=00bw2j7lAzLn&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Request Chain 394
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=1554685320975062049&pn_id=an
Request Chain 402
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3480347926485296000V10%26type%3Dcon%26refUrl%3D%26vid%3D50331938103480347926485296000V10%26axid_e%3D%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=78613609676c23ea&is_secure=true&version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3480347926485296000V10%26type%3Dcon%26refUrl%3D%26vid%3D50331938103480347926485296000V10%26axid_e%3D%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3480347926485296000V10&type=con&refUrl=&vid=50331938103480347926485296000V10&axid_e=&ovsid=AAACl1FifVNUKwMUpsmEAAAAAAA&expiration=1705119594&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 403
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ4MDM0NzkyNjQ4NTI5NjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKYfeX4pDclM-e_y3Da8pRE&google_cver=1
Request Chain 404
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3480347926485296000V10%26type%3Ddxu%26refUrl%3D%26vid%3D50331938103480347926485296000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3480347926485296000V10%26type%3Ddxu%26refUrl%3D%26vid%3D50331938103480347926485296000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3480347926485296000V10&type=dxu&refUrl=&vid=50331938103480347926485296000V10&axid_e=&ovsid=APufUREr1Ro91o5
Request Chain 405
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9ad03db6-bb24-49f4-98de-4d60dda1ceaa&gdpr=0&gdpr_consent=&us_privacy=&gpp=
Request Chain 407
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__ HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=VroS-ap-kEY3jeE8vPTy
Request Chain 408
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3480347926485296000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3480347926485296000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=411b3279-7dd5-4485-9a44-8c76490cd352&cs=1
Request Chain 409
  • https://id.rlcdn.com/710489.gif HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CNmuKxoNCOv7gq0GEgUI6AcQAEIASgA
Request Chain 410
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=eed2eaaf-00bb-4420-a928-2f23eaabab2e
Request Chain 411
  • https://creativecdn.com/cm-notify?pi=medianet HTTP 302
  • https://creativecdn.com/cm-notify?pi=medianet&tc=1 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=s0hGJT2UhZxkdz_RIUaYOqtQMLtoxVNdAMhx-d0beh0&pi=medianet&tc=1
Request Chain 474
  • https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID&sovrn_retry=true HTTP 307
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=H-iEiLZHhZq5vUDFSzCKSHCi
Request Chain 475
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=mmJuOw9jboOZ&ev=1&pid=562763
Request Chain 476
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZaC95o6bVgJB-YJxFA.I2gAA%263568
Request Chain 477
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1554685320975062049
Request Chain 478
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F9200%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D14c21e96-f05d-4650-ad1b-516bfb787c08%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/9200?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=14c21e96-f05d-4650-ad1b-516bfb787c08&bidder=appnexus&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=1554685320975062049 HTTP 302
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F9200%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D14c21e96-f05d-4650-ad1b-516bfb787c08%26bidder%3Dopenx%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/cchain/1/9200?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=14c21e96-f05d-4650-ad1b-516bfb787c08&bidder=openx&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=8a4cd0c6-e81f-4cba-a4d3-9e1fae309d9e HTTP 302
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F9200%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D14c21e96-f05d-4650-ad1b-516bfb787c08%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/2/9200?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=14c21e96-f05d-4650-ad1b-516bfb787c08&bidder=adform&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=4444335064546968693 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F9200%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D14c21e96-f05d-4650-ad1b-516bfb787c08%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/4/9200?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=14c21e96-f05d-4650-ad1b-516bfb787c08&bidder=index_rtb&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=ZaC95o6bVgJB-YJxFA.I2gAA%263568 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F5%252F9200%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D%2526gpp_sid%253D%2526us_privacy%253D%2526A%253D14c21e96-f05d-4650-ad1b-516bfb787c08%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%25253D%2526uid%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBFakT1HPo7MAJFa5GFHIpM&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:07538226E2854BA2B957AF03051E2636 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F9200%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D14c21e96-f05d-4650-ad1b-516bfb787c08%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3DB6E0004C-6B68-4FB7-8DE0-E205EC60FBB3&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://prebid.a-mo.net/cchain/5/9200?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=14c21e96-f05d-4650-ad1b-516bfb787c08&bidder=pubmatic&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3 HTTP 302
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F9200%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D14c21e96-f05d-4650-ad1b-516bfb787c08%26bidder%3Damx_com%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/7/9200?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=14c21e96-f05d-4650-ad1b-516bfb787c08&bidder=amx_com&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=14c21e96-f05d-4650-ad1b-516bfb787c08 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=14c21e96-f05d-4650-ad1b-516bfb787c08
Request Chain 479
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
Request Chain 480
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6985%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=VEzY7ccQQYc9EKbeQsR2&gdpr=&gdpr_consent=&us_privacy=
Request Chain 488
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26userId%3D%5BUID%5D HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=sonobi&gdpr=0&gdpr_consent=&us_privacy=&userId=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
Request Chain 493
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=dc537698536b9310e4bcb76350a9f261 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=dc537698536b9310e4bcb76350a9f261
Request Chain 495
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=vidazoo&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Request Chain 499
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1554685320975062049
Request Chain 500
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_ac3e278b-a86d-4c4c-b4a7-51172b398120&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_ac3e278b-a86d-4c4c-b4a7-51172b398120&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=80b49e7e-aef2-470e-b5aa-bdb73b648c1b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=a82421e8-1f2d-4ea2-a45d-a8e729c22cda&ssp=gumgum2&bsw_param=80b49e7e-aef2-470e-b5aa-bdb73b648c1b HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=80b49e7e-aef2-470e-b5aa-bdb73b648c1b&gdpr=&gdpr_consent=&us_privacy=
Request Chain 501
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=44affb79-7995-4705-a824-4ee7e73b5e55
Request Chain 502
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-17dda897-ae9b-56aa-5fa3-2e4775a0b93c$ip$185.213.80.244
Request Chain 503
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-nTxenbNE2pdesh8zOyaKSzuVYSBRQaJUJ5j3~A
Request Chain 504
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=dfe96ad5-3ba5-48f5-9cd1-1885c36f558f
Request Chain 506
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_ac3e278b-a86d-4c4c-b4a7-51172b398120&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=VroS-ap-kEY3jeE8vPTy
Request Chain 507
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=pxYgtILVabaK&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 508
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1138234130041471926
Request Chain 510
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=4444335064546968693&gdpr=&gdpr_consent=
Request Chain 513
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=eed2eaaf-00bb-4420-a928-2f23eaabab2e
Request Chain 514
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaC97MCo5tIAAFlcHykAAAAA
Request Chain 515
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=s0hGJT2UhZxkdz_RIUaYOqtQMLtoxVNdAMhx-d0beh0&pi=gumgum
Request Chain 516
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 518
  • https://cs.media.net/cksync?cs=30&type=vdz&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dmedianet%26userId%3D%3Cvsid%3E%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=medianet&userId=3480347936485244000V10&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 523
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=bjdiUzBwNGgzZ2NHU2JCd1lDTm5FUQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEMhwuyfH-HGkNXcSqCCI6UI&google_cver=1
Request Chain 524
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=765a471eeb142404&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABpbu-rDqfxQMn5YfLAAAAAAA&expiration=1705119598&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 534
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LRA4QL3V-1C-G3X1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRA4QL3V-1C-G3X1&ex=d-rubiconproject.com&status=ok
Request Chain 535
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LRA4QL3V-1C-G3X1 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LRA4QL3V-1C-G3X1
Request Chain 536
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=vidazoo&khaos=LRA4QL3V-1C-G3X1 HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRA4QL3V-1C-G3X1
Request Chain 537
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LRA4QL3V-1C-G3X1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LRA4QL3V-1C-G3X1
Request Chain 538
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=eed2eaaf-00bb-4420-a928-2f23eaabab2e&gdpr=0&gdpr_consent=&expires=30
Request Chain 539
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/C0eLUKAcxVlY9-kEHDzpAMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YsSYTS1E2oJEMMTTqchmw8fQFPMczwPwpfNXLA--~A
Request Chain 540
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRA4QL3V-1C-G3X1&ex=d-rubiconproject.com&status=ok
Request Chain 541
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=z8pNaR1aRACOYC1ZioArsw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=z8pNaR1aRACOYC1ZioArsw
Request Chain 542
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRA4QL3V-1C-G3X1
Request Chain 543
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN_f3cssY_mritjN0ssy5lw&google_cver=1
Request Chain 544
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJBNFFMM1YtMUMtRzNYMQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJRx3h4vK1ANfJR1cw58lVQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJBNFFMM1YtMUMtRzNYMQ==&google_push=
Request Chain 546
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWNiOTIxNmExYWVjOGY4ZGI0ZGZkMDA3MDkxYzRiYmFjZDQ1NTY4ZQ
Request Chain 547
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADb_E7LQXwAABY0dGhijw&expires=30
Request Chain 548
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRA4QL3V-1C-G3X1 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRA4QL3V-1C-G3X1 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRA4QL3V-1C-G3X1&ckls=true&ci=tRjQZ1OcCP&nc=false&trid=1508001413
Request Chain 549
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRA4QL3V-1C-G3X1
Request Chain 550
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRA4QL3V-1C-G3X1
Request Chain 551
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LRA4QL3V-1C-G3X1
Request Chain 552
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRA4QL3V-1C-G3X1&redir=true
Request Chain 553
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=669f2a22-ad84-4d32-b222-24f3df3b6be0&expires=30

554 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
XJ0eEiJe3Z
t.co/ 		199 B
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
162
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 04:19:47 GMT
expires
Fri, 12 Jan 2024 04:24:48 GMT
perf
7469935968
server
tsa_b
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
7e10e541384591405413af0554c53aa8550b0c1c21d734572ae0c6ccd42b5dd3
x-response-time
15
x-transaction-id
7977d71c05aa7a50
x-xss-protection
0
Primary Request /
vast.gg/ 		180 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vast.gg/
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2088dde33a0d2d2a0d6ab03ea72a8c9001989b4d4ee9a3bd71db08d8f9a4c2f

Request headers

Referer
https://t.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
84429a76abd054d9-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 04:19:49 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://vast.gg/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gaxd%2FrQeOFi1cd5w5mxv2eFs2hvSo%2BzzZId2aGLsrwKJOVvE%2FOGeIzHxnoNGs49fy4YHxwlP5PXETA3NGrK%2BvTzxPOwQIO%2FqcAYAePypJk2kyeb2twCsHZz9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		226 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NFGQ7Q0YK7
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ed5cd39e40395c9b7329b084b9c1c3b4d605c12b4d6c5e5a38c0ca0588c18330
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81561
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 04:19:49 GMT
style.min.css
vast.gg/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vast.gg/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 03:47:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
359
etag
W/"19824-604d0d64e4951-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYEenxbdJrm8WVxirjeAEAXf7dGNppJVFpPv9XkAjonOxDXky5sN5uNSQjd3U5SpmrbvctMu5adubwgCrnINQTO8gMipSQlAcTSYhzsuFYg7bTsy3YBIk9RT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
84429a787e2654d9-YYZ
alt-svc
h3=":443"; ma=86400
plugins.min.css
vast.gg/wp-content/themes/breek/assets/dist/ 		32 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vast.gg/wp-content/themes/breek/assets/dist/plugins.min.css?ver=4.1.0
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
411494e01716b5f3b65c3ca699ebd43dfe28de24e0b670af0d6604f185691f2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Aug 2023 19:24:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
359
etag
W/"7edc-60414c3c49baa-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1M5%2FeTiDDxqmhmYBVW1mWQrD9dUwiTsx6F9CN%2FiAgr1ktlf5WE4%2F9uDCtWH%2BK%2B6VlXgSNR0C6Yf6BoOhY217eMOFCEI6vS3X5ba0m1CuShFGoLkcU%2FwU7ah"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
84429a787e2754d9-YYZ
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C500%2C600%2C600i%2C700%2C700i%7CMontserrat%3A400%2C500%2C600%2C700&subset=latin%2Clatin-ext&display=swap
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
9e928c5743b5777aa817daa10c011209c042a7feb7577525c2fa250c14fda32f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 03:55:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 04:19:49 GMT
style.css
vast.gg/wp-content/themes/breek-child/ 		0
347 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vast.gg/wp-content/themes/breek-child/style.css?ver=6.3.2
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
359
cf-polished
origSize=283
alt-svc
h3=":443"; ma=86400
content-length
0
cf-bgj
minify
last-modified
Sun, 24 May 2020 21:10:15 GMT
server
cloudflare
etag
"11b-5a66b49f24f44-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fjhiJ9P0wjd7SI9VV2IfJXDG0LbVV1JT8G4e8o2wekhnAqfSG8zRmlABoMgDM2x6wI21LW5TrTBltEp19yYCKsrw3gYNaX3bW5RCUcrFWCmRZFJU60zVWlC"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84429a787e2854d9-YYZ
3dda45d5-38ed-4307-bb8f-c8f31ddd0e64
https://vast.gg/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://vast.gg/3dda45d5-38ed-4307-bb8f-c8f31ddd0e64
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5586516597684174
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
df64afd1621395a39699e165ffa0d9613a03399c49f621b8c7770fcd24016a46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
Origin
https://vast.gg
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51147
x-xss-protection
0
server
cafe
etag
1401294921524902371
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 04:19:49 GMT
logo.png
vast.gg/wp-content/uploads/2020/05/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vast.gg/wp-content/uploads/2020/05/logo.png
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4ab52caaa9e7e1c45e0844b92e139865d1d41eb47c9f5b45b148a550763e606

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
cf-cache-status
HIT
last-modified
Sun, 24 May 2020 22:07:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
359
etag
"daf-5a66c154b8b15"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hihAM5PTkc%2B6N7h7JFoJ5C3HCcVOlYq2lugRM%2BErPU9JAUDgZCWwzUOYv9mwpNgs9Pg2cD20fsdvo9PNoxByQC92yFsT3qD1oZUeU%2F0VMAsQgMLNKi4Igk7n"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84429a787e2f54d9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
3503
fontawesome.min.css
vast.gg/wp-content/themes/breek/assets/dist/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vast.gg/wp-content/themes/breek/assets/dist/fontawesome.min.css?ver=4.1.0
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a688f331b963b0214605000f50f1513a929c1be0fec2f6203902cc5b45eb4f1a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Aug 2023 19:24:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
359
etag
W/"77cc-60414c3c48c0a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BUwpDEsX6%2F3HjqQKR67mLWb48s6zB4HOBaZZUQiWUKipV5T99O7VUcigOnLiNEKiRH6XpnsIMEB%2B4WGRPWiP7WcK1Ton2T4iDj9XBQHp2wDFIogX0YnryOP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
84429a788e3354d9-YYZ
alt-svc
h3=":443"; ma=86400
remixicons.min.css
vast.gg/wp-content/themes/breek/assets/dist/ 		72 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vast.gg/wp-content/themes/breek/assets/dist/remixicons.min.css?ver=4.1.0
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c66b6d27d1b19170b63ab49294609853d2f3a77c334d3b70bb4d59250d413db

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Aug 2023 19:24:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
359
etag
W/"12097-60414c3c49baa-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raJiNpPCAFwb5RQIm4%2BwPMogMi1oha5Q0iGhuxw2PF6aGqinQc8gyt%2B3pnewB%2F9ZAt%2BGinj2eHFR909YLlwHaEgvChZG%2FE5gmNunvi4Y9bl7IAbEYBw%2BNvf%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
84429a788e3554d9-YYZ
alt-svc
h3=":443"; ma=86400
jquery.min.js
vast.gg/wp-includes/js/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vast.gg/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 03:47:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
359
etag
W/"155ba-604d0d64d7e30-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RXGxMjYHpgiixkp6AwuVNG1XlD4Z2GJqKmMbSXUON8t5QlkrhSCgof6KsBwzrhvxF%2FjXrDWyZPuXRqcnGBs4OydYIm1o3RStIZhKdSo67Ky%2BaeeDB5GPzKq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84429a788e3654d9-YYZ
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
vast.gg/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vast.gg/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 03:47:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
370
etag
W/"3509-604d0d64d6e90-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yo8vyvpCpnqM2Umm78h%2FziyNPCpILCMYydr8z6HHRhuHyEia%2FpnYBaMMXica149jK8lYkqmjb2LQa5WdW9SfdfmSFGvYjguTJDkv%2F2wD4zccVmtCrz4ff%2FFd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84429a788e3754d9-YYZ
alt-svc
h3=":443"; ma=86400
scripts.min.js
vast.gg/wp-content/themes/breek/assets/dist/ 		134 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vast.gg/wp-content/themes/breek/assets/dist/scripts.min.js?ver=4.1.0
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
619a04a94887e1578c745f8374a167979caf79f46bfbe9023d9ddf3fcea568b3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Aug 2023 19:24:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
359
etag
W/"217ba-60414c3c49baa-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpO9GodSUvX8pK2EIbA34SZEw7g7%2BYImkup%2Bo0382ZcGFitkkknVFOjJa2MASFfcNyeg%2BeB6X%2BapVZrjON2ldEO902iS41WRlKZYxQkNu4vzLs9VucTHlCcw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84429a788e3a54d9-YYZ
alt-svc
h3=":443"; ma=86400
288ed7-6884-417e-b256-dc21cdb46f76.js
monu.delivery/site/e/5/ 		74 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.246.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-246-226.nac.nodebalancer.linode.com
Software
nginx /
Resource Hash
2feed399fc94cace0e35e30057a08db2e67f73b100df53876af4b1cdf90dd9de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPpyMHui0Ob6v4bAoOafea0qkp5janUb6JAmOC-mCmRhTdJU9iUcSmCtAxOlzM39WWXlOow
transfer-encoding
chunked
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1704952616950938
content-type
application/javascript
x-goog-hash
crc32c=S2pAPA==, md5=E5SYm2zjDjq2tM3qEoYFVQ==
cache-control
max-age=7200
x-goog-stored-content-length
75419
expires
Fri, 12 Jan 2024 06:19:49 GMT
VAST23_WEB.jpg
vast.gg/wp-content/uploads/2023/11/ 		692 KB
693 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vast.gg/wp-content/uploads/2023/11/VAST23_WEB.jpg
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c70949250ae056777c4355adc5b9f915097af80ce54660e779b3f0e62cd912

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Nov 2023 03:46:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
359
etag
"acfc6-60a28be9f7ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qTUgdNegDNfP9DcAmBAeYoYP4XnYf2I1Wwiz%2Fr6KR98fhn8jQbDw402zs2aP1wIMfJeTe18jyB34yhqouw%2Ft8tIvXpMWfDNPh4DMMa0%2BPFo1TTd7rjQZVOs"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84429a78ae5954d9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
708550
VAST_Twitter_1-700x394.jpg
vast.gg/wp-content/uploads/2024/01/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vast.gg/wp-content/uploads/2024/01/VAST_Twitter_1-700x394.jpg
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f965f88ba9825b60816db6654ed01c124c92fed5ffcd8a92963598a432e5cdf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 17:47:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
359
etag
"116c6-60e72c9761b97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uz%2FouMSpdujsgYheLrDTz9z%2FrBNbeVL0T6k7ZT77TvfXOr%2FUEiYI%2B4hHBK4iBHj7slX%2FLXCZOt%2FaPT4a8NI7U73Q93uqX6DpADYcV3B%2BxJmnHkx3TK9laK2G"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84429a78be5b54d9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
71366
8b15de2c7709dd0ba118f6bc64b47baf
secure.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/8b15de2c7709dd0ba118f6bc64b47baf?s=96&d=mm&r=g
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4b9f18c4ea5f23262f40f2eea21769a855ad2c486ec5da02818c5b1a1b0436ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Fri, 12 Jan 2024 04:19:49 GMT
last-modified
Wed, 01 Sep 2021 16:38:01 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="8b15de2c7709dd0ba118f6bc64b47baf.jpeg"
accept-ranges
bytes
link
<https://gravatar.com/avatar/8b15de2c7709dd0ba118f6bc64b47baf?s=96&d=mm&r=g>; rel="canonical"
content-length
2866
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Jan 2024 04:24:49 GMT
8b15de2c7709dd0ba118f6bc64b47baf
secure.gravatar.com/avatar/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/8b15de2c7709dd0ba118f6bc64b47baf?s=192&d=mm&r=g
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
191f6247d603a830b3e62d296c70055d915036e043f4295aae2f7b57f4996f8d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc
HIT yyz 2
date
Fri, 12 Jan 2024 04:19:49 GMT
last-modified
Wed, 01 Sep 2021 16:38:01 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="8b15de2c7709dd0ba118f6bc64b47baf.jpeg"
accept-ranges
bytes
link
<https://gravatar.com/avatar/8b15de2c7709dd0ba118f6bc64b47baf?s=192&d=mm&r=g>; rel="canonical"
content-length
5760
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Jan 2024 04:24:49 GMT
fontawesome-webfont.woff2
vast.gg/wp-content/themes/breek/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vast.gg/wp-content/themes/breek/assets/fonts/fontawesome-webfont.woff2
Requested by
Host: vast.gg
URL: https://vast.gg/wp-content/themes/breek/assets/dist/fontawesome.min.css?ver=4.1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.56.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://vast.gg/wp-content/themes/breek/assets/dist/fontawesome.min.css?ver=4.1.0
Origin
https://vast.gg
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Aug 2023 19:24:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"12d68-60414c3c4ab4a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5k7cqVBipvDuwjAvSLrem8TJBW1S5tByHqMvtf6%2B9ETrjr5y2To%2BUNVcmD21iRMyF2phd4S%2B7fLbMHjY7Ypqaopl4p9EkPaJfdXO0Jhz6FPMun12rFyfeNh"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84429a78da10a1f6-YYZ
alt-svc
h3=":443"; ma=86400
content-length
77160
remixicon.woff2
vast.gg/wp-content/themes/breek/assets/fonts/ 		87 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vast.gg/wp-content/themes/breek/assets/fonts/remixicon.woff2
Requested by
Host: vast.gg
URL: https://vast.gg/wp-content/themes/breek/assets/dist/remixicons.min.css?ver=4.1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.56.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2fdf8dc183e5593742f5eefae23e30a8217dd99c395b3aed04a01f6c1abbeb9

Request headers

Referer
https://vast.gg/wp-content/themes/breek/assets/dist/remixicons.min.css?ver=4.1.0
Origin
https://vast.gg
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Aug 2023 19:24:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"15db0-60414c3c4baeb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMp01pZ6514s4dWCla14jxEMvM3smeQ29l%2BbQ0%2BvhouRN669Pga9Ej2XuiDReYpqzM0zxA5YBgb7XrtFh6B5HhvADQvtebNddn2RORgxZPViLEAyknS6iP4%2B"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84429a78fa3aa1f6-YYZ
alt-svc
h3=":443"; ma=86400
content-length
89520
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C500%2C600%2C600i%2C700%2C700i%7CMontserrat%3A400%2C500%2C600%2C700&subset=latin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vast.gg
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:41:44 GMT
x-content-type-options
nosniff
age
52685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 13:41:44 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C500%2C600%2C600i%2C700%2C700i%7CMontserrat%3A400%2C500%2C600%2C700&subset=latin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vast.gg
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 20:46:18 GMT
x-content-type-options
nosniff
age
113611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 20:46:18 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C500%2C600%2C600i%2C700%2C700i%7CMontserrat%3A400%2C500%2C600%2C700&subset=latin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vast.gg
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 20:59:34 GMT
x-content-type-options
nosniff
age
112815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 20:59:34 GMT
288ed7-6884-417e-b256-dc21cdb46f76.js
monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/ 		648 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.246.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-246-226.nac.nodebalancer.linode.com
Software
nginx /
Resource Hash
46d76bb696d322837021d7610530a36b31951fa0cc400b97c3da03601e71f500

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPqRncJXEGndsFoEU5JUH9-jkBH8ggkFGLq8nZ3LYxolHYYKbOn3o8GpY7tuldHIMTD_wtI
transfer-encoding
chunked
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1704952619709485
content-type
application/javascript
x-goog-hash
crc32c=ABRo9A==, md5=PmFZtEStM4h6uYW44sJxOA==
cache-control
max-age=7200
x-goog-stored-content-length
663631
expires
Fri, 12 Jan 2024 06:19:49 GMT
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.246.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-246-226.nac.nodebalancer.linode.com
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
age
34
x-guploader-uploadid
ABPtcPoO3_6UiDwWjohfiDyxYPTS3ad6R6Ybqb98IuK0OuPy1uO4Bmpp5nytSdCtiPjmylf12kE
transfer-encoding
chunked
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
connection
close
last-modified
Tue, 25 Aug 2020 07:36:03 GMT
server
nginx
vary
Accept-Encoding
x-goog-generation
1598340963244234
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control
max-age=31104000, public
x-goog-stored-content-length
4733
expires
Mon, 06 Jan 2025 04:19:49 GMT
wp-emoji-release.min.js
vast.gg/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vast.gg/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.56.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Jun 2023 15:51:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6939
etag
W/"4904-5fd13698f508c-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5zTdEGXWrSjB2xvAv3hBAgmOv8kIgzN4m63OkfTtQFKnANKruAKzQSDHbEu2O48dec%2BQj%2BwzlSKvDwzfPd7ZgupSxtsuwbxPpyBpSuPgDw2XlwN2t7BirBr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84429a799b24a1f6-YYZ
alt-svc
h3=":443"; ma=86400
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 		402 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5586516597684174
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
0897325e1d07c5116d1e2470382253289b3c6e7ce6334d2799e173f3f852e009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139352
x-xss-protection
0
server
cafe
etag
8090224645708805650
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 04:19:49 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame D8E3 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5586516597684174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
26783
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 20:53:26 GMT
etag
9219409622527106327
expires
Thu, 25 Jan 2024 20:53:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-NFGQ7Q0YK7&gtm=45je41a0v9109324225&_p=1705033189181&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=680730703.1705033189&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705033189&sct=1&seg=0&dl=https%3A%2F%2Fvast.gg%2F&dr=https%3A%2F%2Ft.co%2F&dt=Vast%20Giveaways%3A%20Find%20the%20best%20giveaways%20%26%20sweepstakes%20to%20enter&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=647
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFGQ7Q0YK7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
239 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NFGQ7Q0YK7&cid=680730703.1705033189&gtm=45je41a0v9109324225&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFGQ7Q0YK7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NFGQ7Q0YK7&cid=680730703.1705033189&gtm=45je41a0v9109324225&aip=1&dma=0&gcd=11l1l1l1l1&z=1779022216
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame FCE0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.246.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-45-79-246-226.nac.nodebalancer.linode.com
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
age
0
cache-control
max-age=31104000 public
connection
close
content-encoding
gzip
content-type
text/html
date
Fri, 12 Jan 2024 04:19:49 GMT
expires
Mon, 06 Jan 2025 04:19:49 GMT
last-modified
Tue, 25 Aug 2020 07:36:09 GMT
server
nginx
transfer-encoding
chunked
vary
Accept-Encoding
x-cache
HIT
x-goog-generation
1598340969597109
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-guploader-uploadid
ABPtcPqNDuPvWSJXD8R4EkOGXaVW6X1AFdRzAtBz7SoSL70diX4sp9zywYwFJwSIs-r4zjceZpU
monumetric
monumetric.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://vast.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://vast.gg
access-control-max-age
86400
date
Fri, 12 Jan 2024 04:19:49 GMT
server
nginx
monumetric
monumetric.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://vast.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://vast.gg
access-control-max-age
86400
date
Fri, 12 Jan 2024 04:19:49 GMT
server
nginx
monumetric
monumetric.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://vast.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://vast.gg
access-control-max-age
86400
date
Fri, 12 Jan 2024 04:19:49 GMT
server
nginx
config.js
cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 		474 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2636f57eecbdf126dfa0f81f899f2fc71f6fd9bc0c2797318a0b14fd6c4f31d0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 12 Jan 2024 03:41:20 GMT
server
cloudflare
x-amz-request-id
PXNKP6R7EQB4R4G1
age
276
etag
W/"58eee69f68b8a5db1989c15f8c45a344"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
84429a7b391237cf-YYZ
alt-svc
h3=":443"; ma=86400
x-amz-id-2
TqeWlaNsC1LLckOoY4qIlvfIu8W3Hz19IjaO3fyK5heB1Iq7Wzp6cw8NVtfNQoCHEQ0RGzj1FCUoA1IsecdKe7pUuLLQrdLkS6z386U2S2s=
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/launchpad-liveramp.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-34.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6343356bb1b36e7b34994fdb3293f4e426c360cd35bda51a639d551a5f569b06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
S3vVyNvHm.ARP_H4AY9j2FKE5N5OmuNx
content-encoding
gzip
via
1.1 08f45c153a856ff7955174d0e6f60744.cloudfront.net (CloudFront)
date
Thu, 11 Jan 2024 14:40:40 GMT
x-amz-cf-pop
IAD89-C3
age
49160
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Wed, 16 Aug 2023 12:39:57 GMT
server
AmazonS3
etag
W/"9ede2bebd0fab2fa445272da7e6bfa07"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
QIJHCS1b7b4wmVfTbq8F2-EcTDgp0lGhIGxE9beiR4yhA8TGvyllgg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
df4dc08a1cba26d8f07249b81a79951643128babe0a7a39e6fed51442b43d9ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29835
x-xss-protection
0
server
cafe
etag
853 / 19734 / 31080405 / config-hash: 9168911636527851926
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 04:19:49 GMT
76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
config.aps.amazon-adsystem.com/configs/ 		564 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-101.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
7d6a50fffc98c121920d8577cd8c405b8a02a0345cafbfc2ba5dd470e62c8079

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:38:36 GMT
via
1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
age
2473
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
oK4n4DYadbuWNU28ij2hsYUv_We1y6_b9lONc76Lpk66-KyUvyIUVQ==
publisher.js
client.aps.amazon-adsystem.com/ 		261 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.aps.amazon-adsystem.com/publisher.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-82.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b70d5f158ad9fb8db0a1c335114075558d819212c80ce6d0aca87c348afb174

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:50:22 GMT
content-encoding
br
via
1.1 de2ed3c94563fee614f35f9bc3f52d1c.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:12 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
1768
x-amz-server-side-encryption
AES256
etag
W/"43cf1e7a2beb2adb8dd9e6250dd28a33"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
G50Obe-CJtRBArKju0icgptv0OWuZRUNK_jD8GcWtD0PByG_zSauJw==
pbjs
api.id5-sync.com/analytics/1013/ 		70 B
303 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.id5-sync.com/analytics/1013/pbjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
ba8451f39b0887dfff955335e5bf9007d350bf5c2d9f5ef697e07275ecbc331a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 12 Jan 2024 04:19:49 GMT
cache-control
max-age=300, public
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1705033189591&to=480&aun=mmt-912728e9-bd5a-411c-a4d8-564b242e1809_1_1_ad&pubcid=f0600f6c-8b9b-4af5-bc92-56ef42c2b000&gpid=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDR.I%23pillar-9&maxw=160&maxh=600&si=207602&pi=3&bf=160x600&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fvast.gg%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=https%3A%2F%2Fvast.gg%2F&ns=9728
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.53.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-53-144.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c54b209f45e149431545e42174dbb522b188a2aa892f0b97e426f4fd3e931cd5

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://vast.gg
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
hb-mm-multi
hb.minutemedia-prebid.com/ 		0
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		179 B
317 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fvast.gg%2F&PageUrl=https%3A%2F%2Fvast.gg%2F&PageReferrer=https%3A%2F%2Ft.co%2F&CanonicalUrl=https%3A%2F%2Fvast.gg%2F
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
0ab2e1b9729b261652bae7801dd8dc316ee0b0b9a38612fd36ea419a4fcd11d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
33
content-length
179
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
translator
hbopenbid.pubmatic.com/ 		0
110 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
962 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=9&p_pos=atf&rp_schain=1.0,1!monumetric.com,e5288ed7-6884-417e-b256-dc21cdb46f76,1,,,&eid_pubcid.org=f0600f6c-8b9b-4af5-bc92-56ef42c2b000%5E1&rf=https%3A%2F%2Fvast.gg%2F&tg_i.domain=vast.gg&tg_i.page=https%3A%2F%2Fvast.gg%2F&tg_i.ref=https%3A%2F%2Ft.co%2F&tg_i.cat=680%2C684&tg_i.cattax=6&tg_i.id=e5288ed7-6884-417e-b256-dc21cdb46f76&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDR.I%23pillar-9&tk_flint=pbjs_lite_v8.12.0&x_source.tid=8486468a-9477-46de-be17-82eea78a0bd5&l_pb_bid_id=10f77fa01c74b78&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=2f37e549-0be9-4339-8af1-f085fb48c975&rp_maxbids=1&p_gpid=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDR.I%23pillar-9&slots=1&rand=0.7881540492677179
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f63c6fcbbff01739456f2e2b506b0cba7948176a1957c592f862620a07a73473

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
472
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
664 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=242369
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b822256d90dbf2bc6e89e4dc5e2ef9cde3d76ed199b3a28effe98c4864a5fba9

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRrLyvslvbRMmExXHhtkp5RctHjFMxkMa2894tBwxuaWcoh%2B6XBGHPdzaQ%2Bz%2BvLpdU02Xsu2TsJRJ1%2B9QYPVpVGo63GSYLEJTWvyqi9N4QzodSs6v7vT6TG9pm28c7YLKL3OnfZf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://vast.gg
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84429a7b596454d9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ 		904 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
42f5540f8ac207564ea7f41b96ba8aef84119ac1668bfa7fe4287262d86193d4

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:48 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
content-length
469
monumetric
monumetric.technoratimedia.com/openrtb/bids/ 		0
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

date
Fri, 12 Jan 2024 04:19:50 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
352446174
access-control-allow-origin
https://vast.gg
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ 		588 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22184eef854caf25%22%3A%22177369c437c672237248%7C160x600%7Cgpid%3D%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDR.I%23pillar-9%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fvast.gg%2F&s=1b6d5339-f519-4b3c-94cd-b0891c3bec35&pv=792586a7-1753-4306-b7d4-393f93c8cf7e&vp=desktop&lib_name=prebid&lib_v=8.12.0&us=5&iqid=%7B%22pcid%22%3A%2296d60d56-5c40-4f5d-aa7c-c971189bdbf4%22%2C%22pcidDate%22%3A1705033189605%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%228486468a-9477-46de-be17-82eea78a0bd5%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22vast.gg%22%2C%22publisher%22%3A%7B%22domain%22%3A%22vast.gg%22%7D%2C%22page%22%3A%22https%3A%2F%2Fvast.gg%2F%22%2C%22ref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22cat%22%3A%5B%22680%22%2C%22684%22%5D%2C%22cattax%22%3A6%2C%22id%22%3A%22e5288ed7-6884-417e-b256-dc21cdb46f76%22%2C%22mobile%22%3A0%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22ip%22%3A%22185.213.80.244%22%2C%22city%22%3A%22Montreal%22%2C%22region%22%3A%22QC%22%2C%22country%22%3A%22CA%22%2C%22lat%22%3A45.5075%2C%22lon%22%3A-73.5887%2C%22type%22%3A2%2C%22accuracy%22%3A20%2C%22ipservice%22%3A3%2C%22metro%22%3A%22%22%2C%22zip%22%3A%22H3H%22%2C%22tz%22%3A%22America%2FToronto%22%2C%22utcoffset%22%3A240%7D%2C%22devicetype%22%3A2%2C%22js%22%3A1%2C%22langb%22%3A%22en-US%22%2C%22ip%22%3A%22185.213.80.244%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22e5288ed7-6884-417e-b256-dc21cdb46f76%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f0600f6c-8b9b-4af5-bc92-56ef42c2b000%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
79e510ba39e5709c9919e6d155d41c45882c581e60c51fd5c2a4111d8bb71753
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-88
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
332
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
698 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
44417d92e38dacd0f068be3573781204179275c0f9f85e852843eb6eb0889ab4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
an-x-request-uuid
f14e445b-ed5a-4408-90c1-a019802b4be8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
8703cb3dfb157154ae3eea0a4829192f88e1fd4b7cf14197e9d901120cafa383

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
31
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 04:19:49 GMT
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/ 		0
788 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.128.132.116 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:49 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
101
server
istio-envoy
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
prebid
ads.yieldmo.com/exchange/ 		0
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-912728e9-bd5a-411c-a4d8-564b242e1809_1_1_ad%22%2C%22callback_id%22%3A%222646a0997531606%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222540682012541263920%22%2C%22gpid%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDR.I%23pillar-9%22%2C%22tid%22%3A%222f37e549-0be9-4339-8af1-f085fb48c975%22%2C%22auctionId%22%3A%228486468a-9477-46de-be17-82eea78a0bd5%22%7D%5D&page_url=https%3A%2F%2Fvast.gg%2F&bust=1705033189611&dnt=false&description=Browse%20exclusive%20giveaways%20and%20sweepstakes%20to%20win%20prizes%20from%20your%20favorite%20brands%2C%20gadgets%2C%20%26%20web%20services.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=https%3A%2F%2Ft.co%2F&scrd=1&title=Vast%20Giveaways%3A%20Find%20the%20best%20giveaways%20%26%20sweepstakes%20to%20enter&w=1600&h=1200&pubcid=f0600f6c-8b9b-4af5-bc92-56ef42c2b000&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22e5288ed7-6884-417e-b256-dc21cdb46f76%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f0600f6c-8b9b-4af5-bc92-56ef42c2b000%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.181.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-181-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bid
s.seedtag.com/c/hb/ 		0
0
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/ 		0
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.128.132.116 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:49 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
120
server
istio-envoy
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1705033189619&to=480&aun=mmt-c42a325c-f11b-427c-9c64-84ed5a21f6b9_1_1_ad&pubcid=f0600f6c-8b9b-4af5-bc92-56ef42c2b000&gpid=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDA.B%23anchor-2&t=boa9nz03&pi=2&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fvast.gg%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=https%3A%2F%2Fvast.gg%2F&ns=9728
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.53.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-53-144.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bf92b4f3441334f72ed74b12356b4b9cf585c7140724dd7274cc0ea76c6de2c0

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://vast.gg
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
ads.yieldmo.com/exchange/ 		0
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-c42a325c-f11b-427c-9c64-84ed5a21f6b9_1_1_ad%22%2C%22callback_id%22%3A%22349211440a85d9c%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222540682012541263920%22%2C%22gpid%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDA.B%23anchor-2%22%2C%22tid%22%3A%221a3ba0b4-ee88-4b01-825d-87481c41f770%22%2C%22auctionId%22%3A%226efd6499-549c-4466-9e08-8dca494d25a3%22%7D%5D&page_url=https%3A%2F%2Fvast.gg%2F&bust=1705033189620&dnt=false&description=Browse%20exclusive%20giveaways%20and%20sweepstakes%20to%20win%20prizes%20from%20your%20favorite%20brands%2C%20gadgets%2C%20%26%20web%20services.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=https%3A%2F%2Ft.co%2F&scrd=1&title=Vast%20Giveaways%3A%20Find%20the%20best%20giveaways%20%26%20sweepstakes%20to%20enter&w=1600&h=1200&pubcid=f0600f6c-8b9b-4af5-bc92-56ef42c2b000&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22e5288ed7-6884-417e-b256-dc21cdb46f76%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f0600f6c-8b9b-4af5-bc92-56ef42c2b000%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.181.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-181-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
trinity.json
apex.go.sonobi.com/ 		589 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22360422e64f614b5%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDA.B%23anchor-2%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fvast.gg%2F&s=1288040b-fa90-4bb5-aef5-69bf46eb8b5d&pv=792586a7-1753-4306-b7d4-393f93c8cf7e&vp=desktop&lib_name=prebid&lib_v=8.12.0&us=5&iqid=%7B%22pcid%22%3A%2296d60d56-5c40-4f5d-aa7c-c971189bdbf4%22%2C%22pcidDate%22%3A1705033189605%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%226efd6499-549c-4466-9e08-8dca494d25a3%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22vast.gg%22%2C%22publisher%22%3A%7B%22domain%22%3A%22vast.gg%22%7D%2C%22page%22%3A%22https%3A%2F%2Fvast.gg%2F%22%2C%22ref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22cat%22%3A%5B%22680%22%2C%22684%22%5D%2C%22cattax%22%3A6%2C%22id%22%3A%22e5288ed7-6884-417e-b256-dc21cdb46f76%22%2C%22mobile%22%3A0%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22ip%22%3A%22185.213.80.244%22%2C%22city%22%3A%22Montreal%22%2C%22region%22%3A%22QC%22%2C%22country%22%3A%22CA%22%2C%22lat%22%3A45.5075%2C%22lon%22%3A-73.5887%2C%22type%22%3A2%2C%22accuracy%22%3A20%2C%22ipservice%22%3A3%2C%22metro%22%3A%22%22%2C%22zip%22%3A%22H3H%22%2C%22tz%22%3A%22America%2FToronto%22%2C%22utcoffset%22%3A240%7D%2C%22devicetype%22%3A2%2C%22js%22%3A1%2C%22langb%22%3A%22en-US%22%2C%22ip%22%3A%22185.213.80.244%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22e5288ed7-6884-417e-b256-dc21cdb46f76%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f0600f6c-8b9b-4af5-bc92-56ef42c2b000%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
23513f85be4f125afb96b9196354bcd7a918853024330eb2084c211cbca859fd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-184
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
333
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
318 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fvast.gg%2F&PageUrl=https%3A%2F%2Fvast.gg%2F&PageReferrer=https%3A%2F%2Ft.co%2F&CanonicalUrl=https%3A%2F%2Fvast.gg%2F
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
8695084c68da240d812f845f2f37f2f560fda0eb79c0240104cbba715d631ef4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
22
content-length
180
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
312 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
217e374fae2a2855c51a7c79da717b2c1465290622622f2cfc4a7fb9736adaf9

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feQO7QHkO3lJ%2BGVpPDMcDzY57Fhf6Z5KfX2iai0bfo9DYd35EkLVCYgCllW32JXmzwJ9pEschQ%2FpIqQPfNJ399fRzCZChqgmNbyB3wAvTpxnpuWi8T0w%2FsydOCSQcGpgiQ8RUOHq"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://vast.gg
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84429a7b596654d9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v2
e.serverbid.com/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
793 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&p_pos=atf&rp_schain=1.0,1!monumetric.com,e5288ed7-6884-417e-b256-dc21cdb46f76,1,,,&eid_pubcid.org=f0600f6c-8b9b-4af5-bc92-56ef42c2b000%5E1&rf=https%3A%2F%2Fvast.gg%2F&tg_i.domain=vast.gg&tg_i.page=https%3A%2F%2Fvast.gg%2F&tg_i.ref=https%3A%2F%2Ft.co%2F&tg_i.cat=680%2C684&tg_i.cattax=6&tg_i.id=e5288ed7-6884-417e-b256-dc21cdb46f76&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDA.B%23anchor-2&tk_flint=pbjs_lite_v8.12.0&x_source.tid=6efd6499-549c-4466-9e08-8dca494d25a3&l_pb_bid_id=46c35f6c0c67a29&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1a3ba0b4-ee88-4b01-825d-87481c41f770&rp_maxbids=1&p_gpid=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDA.B%23anchor-2&slots=1&rand=0.058978431877334314
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d46c70efcb50745e70f757e589f472b17d715c426f8eae71bbd8b1e30d4b4e7f

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
472
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		904 B
863 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
f4265a764bc056a666e879f04b12e5e27e3b74f1228ea95f29ec099e3c03b265

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
content-length
470
hb-mm-multi
hb.minutemedia-prebid.com/ 		0
0
prebid
prebid.media.net/rtb/ 		1 KB
750 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
e16f9d1e6903989b5ac31359c426715e958a4504ada16b32d50d5839a6be81dc

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:48 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
79
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 04:19:49 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f380492617b3682dd24cfcce7819c5c9774b6191a86df94705e69ca76b74daa4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
an-x-request-uuid
9d4dae54-b77b-454c-8ab5-d45610ef1646
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
monumetric
monumetric.technoratimedia.com/openrtb/bids/ 		0
180 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

date
Fri, 12 Jan 2024 04:19:50 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
356853840
access-control-allow-origin
https://vast.gg
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1705033189632&to=480&aun=mmt-2ad35424-8dec-44c1-885a-e1c37db86870_1_1_ad&pubcid=f0600f6c-8b9b-4af5-bc92-56ef42c2b000&gpid=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDB.A%23sticky-header-1&maxw=728&maxh=90&si=207603&pi=3&bf=728x90&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fvast.gg%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=https%3A%2F%2Fvast.gg%2F&ns=9728
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.53.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-53-144.compute-1.amazonaws.com
Software
nginx /
Resource Hash
26d5d8381823437c3d6fe6bb4db1ff2efffa6d8244038285a06d046764214f42

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://vast.gg
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/ 		0
533 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.128.132.116 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:49 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
183
server
istio-envoy
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee46911d5233c3785905d83915f70de6e1af9333ba495a9f15ebdb86b568a3e

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0%2Bb8dE1ZMH1xMg8g%2B2cPCA%2FRIKrSVqyzCRSFA7utbB7m1EqXhHmQtHvi7h2xn6pN1P%2BXu0Cjunlaw25z1IOcSBJkoee34eVOfzkOls6c6VNySWF8udJxlZ1fCuqh9YAsnqrHivA"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://vast.gg
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84429a7b596754d9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
629 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fvast.gg%2F&PageUrl=https%3A%2F%2Fvast.gg%2F&PageReferrer=https%3A%2F%2Ft.co%2F&CanonicalUrl=https%3A%2F%2Fvast.gg%2F
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
054c778c4da7412d5ce98b248f627d9e1ce597af114771751604b7021e18e636
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
4
content-length
180
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
v2
e.serverbid.com/api/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:50 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://vast.gg
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
hb-mm-multi
hb.minutemedia-prebid.com/ 		0
0
monumetric
monumetric.technoratimedia.com/openrtb/bids/ 		0
180 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

date
Fri, 12 Jan 2024 04:19:50 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
354373473
access-control-allow-origin
https://vast.gg
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
cf15bbf4c9adccb509fcfed144241655b0d396b6d2cda6b8c63724f40ced540f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
an-x-request-uuid
9973eff4-73aa-44af-b924-974887ddd302
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		904 B
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
110c42aa3f51e956a76f6a8bec4fd20f43bc189f0fb068e66b1ffdaacd2295e0

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
content-length
470
prebid
ads.yieldmo.com/exchange/ 		0
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-2ad35424-8dec-44c1-885a-e1c37db86870_1_1_ad%22%2C%22callback_id%22%3A%227884f8ca748c9da%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222540682012541263920%22%2C%22gpid%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDB.A%23sticky-header-1%22%2C%22tid%22%3A%222f9950b2-1e95-4019-90bf-1a045829b978%22%2C%22auctionId%22%3A%22f2b4e287-6e4f-4a26-8f2b-8a213556d463%22%7D%5D&page_url=https%3A%2F%2Fvast.gg%2F&bust=1705033189639&dnt=false&description=Browse%20exclusive%20giveaways%20and%20sweepstakes%20to%20win%20prizes%20from%20your%20favorite%20brands%2C%20gadgets%2C%20%26%20web%20services.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=https%3A%2F%2Ft.co%2F&scrd=1&title=Vast%20Giveaways%3A%20Find%20the%20best%20giveaways%20%26%20sweepstakes%20to%20enter&w=1600&h=1200&pubcid=f0600f6c-8b9b-4af5-bc92-56ef42c2b000&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22e5288ed7-6884-417e-b256-dc21cdb46f76%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f0600f6c-8b9b-4af5-bc92-56ef42c2b000%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.181.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-181-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
prebid.media.net/rtb/ 		1 KB
743 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
e8d9271049469cc1d8f8a263abfdbd1f6e4c566495b192dcff36e272ad28f671

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
78
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 04:19:49 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		479 B
799 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&rp_schain=1.0,1!monumetric.com,e5288ed7-6884-417e-b256-dc21cdb46f76,1,,,&eid_pubcid.org=f0600f6c-8b9b-4af5-bc92-56ef42c2b000%5E1&rf=https%3A%2F%2Fvast.gg%2F&tg_i.domain=vast.gg&tg_i.page=https%3A%2F%2Fvast.gg%2F&tg_i.ref=https%3A%2F%2Ft.co%2F&tg_i.cat=680%2C684&tg_i.cattax=6&tg_i.id=e5288ed7-6884-417e-b256-dc21cdb46f76&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDB.A%23sticky-header-1&tk_flint=pbjs_lite_v8.12.0&x_source.tid=f2b4e287-6e4f-4a26-8f2b-8a213556d463&l_pb_bid_id=82c5988cd059286&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=2f9950b2-1e95-4019-90bf-1a045829b978&rp_maxbids=1&p_gpid=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDB.A%23sticky-header-1&slots=1&rand=0.5544471852535751
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
90faab7fa347962bc4534c2aa36891408f153ae01bc910377ead2ea1a8d22141

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
479
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ 		589 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2284528e5aa0d4f44%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDB.A%23sticky-header-1%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fvast.gg%2F&s=a05eff63-7b78-4ceb-9f8e-fc3c4e429d77&pv=792586a7-1753-4306-b7d4-393f93c8cf7e&vp=desktop&lib_name=prebid&lib_v=8.12.0&us=5&iqid=%7B%22pcid%22%3A%2296d60d56-5c40-4f5d-aa7c-c971189bdbf4%22%2C%22pcidDate%22%3A1705033189605%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22f2b4e287-6e4f-4a26-8f2b-8a213556d463%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22vast.gg%22%2C%22publisher%22%3A%7B%22domain%22%3A%22vast.gg%22%7D%2C%22page%22%3A%22https%3A%2F%2Fvast.gg%2F%22%2C%22ref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22cat%22%3A%5B%22680%22%2C%22684%22%5D%2C%22cattax%22%3A6%2C%22id%22%3A%22e5288ed7-6884-417e-b256-dc21cdb46f76%22%2C%22mobile%22%3A0%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22ip%22%3A%22185.213.80.244%22%2C%22city%22%3A%22Montreal%22%2C%22region%22%3A%22QC%22%2C%22country%22%3A%22CA%22%2C%22lat%22%3A45.5075%2C%22lon%22%3A-73.5887%2C%22type%22%3A2%2C%22accuracy%22%3A20%2C%22ipservice%22%3A3%2C%22metro%22%3A%22%22%2C%22zip%22%3A%22H3H%22%2C%22tz%22%3A%22America%2FToronto%22%2C%22utcoffset%22%3A240%7D%2C%22devicetype%22%3A2%2C%22js%22%3A1%2C%22langb%22%3A%22en-US%22%2C%22ip%22%3A%22185.213.80.244%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22e5288ed7-6884-417e-b256-dc21cdb46f76%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f0600f6c-8b9b-4af5-bc92-56ef42c2b000%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
9409f9daa466f7e69a607048e917d37893088a9c17fb2d8027557823ceff3bc1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-119
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
332
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
mmt.gif
imps.monu.delivery/ 		37 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=eb828732-7474-47c2-b42b-fcaa21afd078&a=p.d.l&u=GYT5QM&d=%7B%22c%22%3A%22CA%22%2C%22r%22%3A%22QC%22%2C%22p%22%3A%22%2F%22%7D
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:37:23 GMT
age
78147
x-guploader-uploadid
ABPtcPpmcxBjpnlENUIkZ0DJtGm9r8kSztv2PHLkN_Kg1VH4S4n-haSrnEdgPk8JRkrOnEIJrZ_zsKXb8KSCdnwuomzM0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:37:23 GMT
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		126 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-34.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
OYXhO0yAI32wYHLbaFkvb4YycLXHk8gH
content-encoding
br
via
1.1 512f238cbc4caf579dfdfec080d485e0.cloudfront.net (CloudFront)
date
Fri, 12 Jan 2024 03:43:32 GMT
last-modified
Tue, 12 Dec 2023 13:01:22 GMT
server
AmazonS3
x-amz-cf-pop
IAD12-P4
age
2181
x-amz-server-side-encryption
AES256
etag
W/"6f5acc886b373331d622309f643f2f89"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
OiKWCeKKUY0sHWNXj7wJyeNqe_lWwbhvSagA2-X9C_zd71EL2T-rJg==
ads
googleads.g.doubleclick.net/pagead/ Frame A844 		0
179 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5586516597684174&output=html&adk=1812271804&adf=3025194257&lmt=1705033189&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C164x810_r&format=0x0&url=https%3A%2F%2Fvast.gg%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705033189418&bpp=4&bdt=253&idt=273&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4779225305804&frm=20&pv=2&ga_vid=680730703.1705033189&ga_sid=1705033190&ga_hid=1666817499&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080260%2C31080263%2C31080265&oid=2&pvsid=228952408183555&tmod=1253493320&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Ft.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=298
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 04:19:49 GMT
expires
Fri, 12 Jan 2024 04:19:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202401101304/ 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab685c3c71fa770524de722fadfa61021debdaf0c7678e24a4ee113779bf7f21

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 18:05:23 GMT
server
cloudflare
x-amz-request-id
A2Z3QYAP4HMJG9E5
age
119666
etag
W/"5aabb710020a401097c59bf9249caa6c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
84429a7bd9e837cf-YYZ
alt-svc
h3=":443"; ma=86400
x-amz-id-2
EGuhk6adPZo6b2yYAp3XbDvJHU0uXbDgAMz7VcHuYLiJ93FwPFf97ElXSxzO2yT8ZOudvnaH680=
bid
aax.amazon-adsystem.com/e/dtb/ 		242 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvast.gg%2F&pr=https%3A%2F%2Ft.co%2F&pid=0lEhblQwfhyvH&cb=0&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-c42a325c-f11b-427c-9c64-84ed5a21f6b9_1_1_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDA.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.114.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-114-30.iad61.r.cloudfront.net
Software
Server /
Resource Hash
4bf828301822f58d940049d9d813711a192418e2e839e473d1d6d241960b4855
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a1b25b0d3d9a8dc90e047cb69c24f48c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD61-P2
x-amz-rid
P780ZZDSNQQT6TF7PRS9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://vast.gg
access-control-allow-credentials
true
timing-allow-origin
*
content-length
242
x-amz-cf-id
Wt4e4MUObhTK3ZettH4Y4qE6rEcMkq0TfWZTgJrxYxuQjbBIbpJ7ZA==
bid
aax.amazon-adsystem.com/e/dtb/ 		242 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvast.gg%2F&pr=https%3A%2F%2Ft.co%2F&pid=0lEhblQwfhyvH&cb=1&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-2ad35424-8dec-44c1-885a-e1c37db86870_1_1_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDB.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.114.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-114-30.iad61.r.cloudfront.net
Software
Server /
Resource Hash
86518e5e9324e8b31ebcfe703b92b7c8a951bb75e83007c589e4b5e3f19c656b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a1b25b0d3d9a8dc90e047cb69c24f48c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD61-P2
x-amz-rid
YZRE9BX6ACF6Y3V7WRY8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://vast.gg
access-control-allow-credentials
true
timing-allow-origin
*
content-length
242
x-amz-cf-id
uxnwOp_n76RKBLAmV_ZxQUr6Z-OXqYJ3SzBfBnFbV1uFbLdA5A4nYw==
bid
aax.amazon-adsystem.com/e/dtb/ 		242 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvast.gg%2F&pr=https%3A%2F%2Ft.co%2F&pid=0lEhblQwfhyvH&cb=2&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-912728e9-bd5a-411c-a4d8-564b242e1809_1_1_ad%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDR.I%22%7D%5D&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.114.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-114-30.iad61.r.cloudfront.net
Software
Server /
Resource Hash
04ab5c6045b956e0a133c7f687c0456131c83939f6b75b173ca83e61e63557d2
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a1b25b0d3d9a8dc90e047cb69c24f48c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD61-P2
x-amz-rid
T9Y0TP07XC9D3AQMBPV8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://vast.gg
access-control-allow-credentials
true
timing-allow-origin
*
content-length
242
x-amz-cf-id
VOPLYkc0Wki-ffRYX6lZkmRkPpu9DBx2llyncC3Ko8W4JqqR6-gZbQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 936f33bed45438343f0ef2adff442814.cloudfront.net (CloudFront)
date
Fri, 12 Jan 2024 02:43:29 GMT
x-amz-cf-pop
IAD89-C1
age
5781
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
MymUKmLaYsL4SiJ4KTFusp4ZeL44l4iEmcdUonMNY58qWc4CnWo4Ow==
config
c.amazon-adsystem.com/cdn/prod/ 		759 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvast.gg&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
Server /
Resource Hash
9229ce97168b9fad80cccb0bb2fe7b0b301fcf902b50b78924af7e1f22f584b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:38:10 GMT
via
1.1 041a4887d523cabe8177e269cc358162.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C1
age
9699
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://vast.gg
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
759
x-amz-cf-id
CTxhAb05YFVY7wtLF-IZwfvHworU98dIXmqNd6mJy0zgnUIFRbJn2w==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/ 		438 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 11:39:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
60022
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140824
x-xss-protection
0
server
cafe
etag
1760809391848743662
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 10 Jan 2025 11:39:27 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=eb828732-7474-47c2-b42b-fcaa21afd078&a=i.r&u=GYT5QM&d=%7B%22auPath%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDW.A%22%7D
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:37:23 GMT
age
78147
x-guploader-uploadid
ABPtcPpmcxBjpnlENUIkZ0DJtGm9r8kSztv2PHLkN_Kg1VH4S4n-haSrnEdgPk8JRkrOnEIJrZ_zsKXb8KSCdnwuomzM0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:37:23 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=eb828732-7474-47c2-b42b-fcaa21afd078&a=s.d&u=912728e9-bd5a-411c-a4d8-564b242e1809
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:37:23 GMT
age
78147
x-guploader-uploadid
ABPtcPpmcxBjpnlENUIkZ0DJtGm9r8kSztv2PHLkN_Kg1VH4S4n-haSrnEdgPk8JRkrOnEIJrZ_zsKXb8KSCdnwuomzM0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:37:23 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=eb828732-7474-47c2-b42b-fcaa21afd078&a=s.d&u=c42a325c-f11b-427c-9c64-84ed5a21f6b9
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:37:23 GMT
age
78147
x-guploader-uploadid
ABPtcPpmcxBjpnlENUIkZ0DJtGm9r8kSztv2PHLkN_Kg1VH4S4n-haSrnEdgPk8JRkrOnEIJrZ_zsKXb8KSCdnwuomzM0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:37:23 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=eb828732-7474-47c2-b42b-fcaa21afd078&a=s.d&u=aacf6af3-bbfa-4804-a091-f7a6fa7ee10a
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:37:23 GMT
age
78147
x-guploader-uploadid
ABPtcPpmcxBjpnlENUIkZ0DJtGm9r8kSztv2PHLkN_Kg1VH4S4n-haSrnEdgPk8JRkrOnEIJrZ_zsKXb8KSCdnwuomzM0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:37:23 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=eb828732-7474-47c2-b42b-fcaa21afd078&a=s.d&u=2ad35424-8dec-44c1-885a-e1c37db86870
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:37:23 GMT
age
78147
x-guploader-uploadid
ABPtcPpmcxBjpnlENUIkZ0DJtGm9r8kSztv2PHLkN_Kg1VH4S4n-haSrnEdgPk8JRkrOnEIJrZ_zsKXb8KSCdnwuomzM0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:37:23 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		0
0
esp.js
cdn.id5-sync.com/api/1.0/ 		114 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
FZJNW024KV42KE98
age
8
etag
W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
84429a83af81a1fe-YYZ
x-amz-id-2
G3C4aEaADyP6Ydo+7CfSQ532WSVME2oRGy4v8nHs5TKaSX5jMICrgI3wlvH7FfDP3yz+NZboYDNyzxIz1KwyGg==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 10:45:42 GMT
content-encoding
gzip
age
1013648
x-guploader-uploadid
ABPtcPrC-6N0WNjzkM5qAh9JaWJNUVWmAuT0EUNe79SUUOq5-JbFZ2q1o6Moq1ulXJNw4mtxq8o8E0tUjSpY48-eCIAGww
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 30 Dec 2024 10:45:42 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		0
0
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-56.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:00:47 GMT
content-encoding
gzip
via
1.1 3d088826d90526f82c740c9ebe467f50.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P2
age
29944
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Awl2AvmAZ4m2zsLOKZdvtfaSzFhdh-881EyQwtK-arakG5r9XJIMcA==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.222.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-222-71.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Thu, 11 Jan 2024 14:22:48 GMT
Via
1.1 1df382f2345322fac115f7931b894fda.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD79-C1
Age
50224
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
fi-mI5R-aHkVIPtG4C0OUTEr-Bpy0apTpkEjixfb7jZ7umKq2fujdw==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:53 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
44875e2e49695f79f04739c6e76e31a0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/ 		213 KB
57 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=228952408183555&correlator=239737433137598&eid=31080405&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDW.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705033189910&lmt=1705033189&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fvast.gg%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=680730703.1705033189&ga_sid=1705033190&ga_hid=1666817499&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYk5SX388xSABSAghkEhkKCnB1YmNpZC5vcmcYk5SX388xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJOUl9_PMUgAUgIIZBIXCghydGJob3VzZRiTlJffzzFIAFICCGQSFAoFb3BlbngYk5SX388xSABSAghkEhkKCnVpZGFwaS5jb20Yk5SX388xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiTlJffzzFIAFICCGQ.&dlt=1705033189166&idt=715&prev_scp=sesspv_refresh%3D0_0%26refresh_count%3D0%26pos%3D1%26tabVisibilityState%3Dvisible&cust_params=page_num%3D0%26big4%3Dtrue%26iabCategory%3D684%26url%3Dvast.gg%26referrer%3Dt%26infolinks%3Dtrue%26hem_included%3Dfalse&adks=572303356&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e136212b0a09cd9749081c9cff9854921ad1f4a8ebd7d84bee563c000ed132b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:50 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58750
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vast.gg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D3B2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 04:19:50 GMT
expires
Sat, 11 Jan 2025 04:19:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl_page_level_ads.js?cb=31080405
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b2230514e38f734bcd701ef95f5ab4f9c8e21317ca3f714c898d4c0398cbf829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
26834
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13823
x-xss-protection
0
server
cafe
etag
7158585070445898178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 10 Jan 2025 20:52:35 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		113 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
B9HY7V9C3HZH3B1B
age
2192
etag
W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
84429a83af83a1fe-YYZ
x-amz-id-2
IkVErxTaggNFP1FoMT861WLPwB8EXPG1LgO1G1SpfWxP0ZjRupaPOKogxbmClLTqesBOkGD5X3k=
monumetric
monumetric.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://vast.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://vast.gg
access-control-max-age
86400
date
Fri, 12 Jan 2024 04:19:49 GMT
server
nginx
hb-mm-multi
hb.minutemedia-prebid.com/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		498 B
555 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=15&alt_size_ids=43%2C117&rp_schain=1.0,1!monumetric.com,e5288ed7-6884-417e-b256-dc21cdb46f76,1,,,&eid_pubcid.org=f0600f6c-8b9b-4af5-bc92-56ef42c2b000%5E1&rf=https%3A%2F%2Fvast.gg%2F&tg_i.domain=vast.gg&tg_i.page=https%3A%2F%2Fvast.gg%2F&tg_i.ref=https%3A%2F%2Ft.co%2F&tg_i.cat=680%2C684&tg_i.cattax=6&tg_i.id=e5288ed7-6884-417e-b256-dc21cdb46f76&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDS.C%23sidebar-3&tk_flint=pbjs_lite_v8.12.0&x_source.tid=cb9611b1-2ff8-4d04-a290-4d9c2516cbde&l_pb_bid_id=88b0de8aeffab37&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=278f1d8e-7ce5-463e-a2e3-d07eb402ba5d&rp_maxbids=1&p_gpid=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDS.C%23sidebar-3&slots=1&rand=0.1371929259286837
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0ff4773243842179e9431d578745abf5be2a905e550fd74c1240f6e7bd6c03f5

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
498
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		904 B
621 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
8692876130dfb184903eaa05b62938cbd8be6a4deed7a85cb48c26f4a190bad3

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
content-length
469
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/ 		0
565 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.128.132.116 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:50 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
199
server
istio-envoy
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
prebid
ib.adnxs.com/ut/v3/ 		138 B
979 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
578defb1706fefb42fefb5b2c776919bcf128c3bb263ddb0712adc53c0e41e9d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
an-x-request-uuid
3cd37008-1ab5-4663-a878-f12aed0c2a99
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-aacf6af3-bbfa-4804-a091-f7a6fa7ee10a_1_1_ad%22%2C%22callback_id%22%3A%229893020454729e8%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%2C%5B320%2C100%5D%5D%2C%22ym_placement_id%22%3A%222540682012541263920%22%2C%22gpid%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDS.C%23sidebar-3%22%2C%22tid%22%3A%22278f1d8e-7ce5-463e-a2e3-d07eb402ba5d%22%2C%22auctionId%22%3A%22cb9611b1-2ff8-4d04-a290-4d9c2516cbde%22%7D%5D&page_url=https%3A%2F%2Fvast.gg%2F&bust=1705033189948&dnt=false&description=Browse%20exclusive%20giveaways%20and%20sweepstakes%20to%20win%20prizes%20from%20your%20favorite%20brands%2C%20gadgets%2C%20%26%20web%20services.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=https%3A%2F%2Ft.co%2F&scrd=1&title=Vast%20Giveaways%3A%20Find%20the%20best%20giveaways%20%26%20sweepstakes%20to%20enter&w=1600&h=1200&pubcid=f0600f6c-8b9b-4af5-bc92-56ef42c2b000&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22e5288ed7-6884-417e-b256-dc21cdb46f76%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f0600f6c-8b9b-4af5-bc92-56ef42c2b000%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.181.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-181-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidvideo
ads.yieldmo.com/exchange/ 		0
189 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.181.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-181-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v2
e.serverbid.com/api/ 		16 B
201 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:50 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://vast.gg
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1705033189949&to=480&aun=mmt-aacf6af3-bbfa-4804-a091-f7a6fa7ee10a_1_1_ad&pubcid=f0600f6c-8b9b-4af5-bc92-56ef42c2b000&gpid=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDS.C%23sidebar-3&pv=4a1e4a84-b471-4270-9405-79271492a731&maxw=320&maxh=100&si=207601&pi=3&bf=300x250%2C320x50%2C320x100&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fvast.gg%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=https%3A%2F%2Fvast.gg%2F&ns=9728
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.53.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-53-144.compute-1.amazonaws.com
Software
nginx /
Resource Hash
047ebd266737a8fb7124914c27cbdaa069d413d8f4595e0892ededfc752f0cf6

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:50 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://vast.gg
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=209362
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3769f83ec48014805a45267923d3cef678b901076764347233351e5b1b3f3d9e

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQ9pU0XwtFllkq61by0YFztEaKyCDtUdtJmAMusGxuiGD0cOk1p7SY1t%2Fyfm5X7kQ4TmOQiBR6HsV4Zrno2u4AFSvlNIlBGwUdOWsPOQroB20476dhXJexTeNuBR1hB1YN5%2FSN%2F2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://vast.gg
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84429a7d4b5e54d9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
456 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=209362
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3769f83ec48014805a45267923d3cef678b901076764347233351e5b1b3f3d9e

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dp6wS47uruEWYn9LG%2Bu%2F6HN07WIwKcPO4LwNc66mVcbJnhsyBWr5KeF7Abe3ggoG15a4wUYi4gLsQMu8rgftsIyCS6L9hF6fuVc07bIliJYTgHpFRaUR8DhZ%2FdukXAdPQWA3If0e"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://vast.gg
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84429a7d4b6254d9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
739 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
14102223f7010cd0019bba8b6ce3cf99f81ef50b881ab687ed72c0fe5eb203a4

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:49 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
76
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 04:19:49 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		181 B
317 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fvast.gg%2F&PageUrl=https%3A%2F%2Fvast.gg%2F&PageReferrer=https%3A%2F%2Ft.co%2F&CanonicalUrl=https%3A%2F%2Fvast.gg%2F
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
478fb37e3f4b04b822b10afc9307d6e66ef0a037190ad28bebb8db3756feb6e5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:49 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
5
content-length
181
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
monumetric
monumetric.technoratimedia.com/openrtb/bids/ 		0
180 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

date
Fri, 12 Jan 2024 04:19:50 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
357998366
access-control-allow-origin
https://vast.gg
access-control-allow-credentials
true
bid
aax.amazon-adsystem.com/e/dtb/ 		242 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvast.gg%2F&pr=https%3A%2F%2Ft.co%2F&pid=0lEhblQwfhyvH&cb=3&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-aacf6af3-bbfa-4804-a091-f7a6fa7ee10a_1_1_ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDS.C%22%7D%5D&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22f0600f6c-8b9b-4af5-bc92-56ef42c2b000%22%7D%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.114.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-114-30.iad61.r.cloudfront.net
Software
Server /
Resource Hash
13cf02edd3fac53b90f6ccaf1000c596ab2796f24176e4c96ffdd0e360301eec
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a1b25b0d3d9a8dc90e047cb69c24f48c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD61-P2
x-amz-rid
XC09W88WM9E3GR5N0RVR
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://vast.gg
access-control-allow-credentials
true
timing-allow-origin
*
content-length
242
x-amz-cf-id
8Pcpgq7sUT7NxfQqoAbZjFsLk1hiSelKytQve0-4UQJyO4k7cR-Mhg==
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fvast.gg%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fvast.gg%2F&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fvast.gg%2F&rid=esp&cc=1
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
0fae61fcc92f8ef2bfe7e6c812c8abe6fda5cba455b23b1259096b2de3732988

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:50 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-mwA1MosJZjyzr/oHcgui3hN2BYE"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 12 Jan 2024 04:19:50 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://vast.gg
location
/esp?url=https%3A%2F%2Fvast.gg%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
iu3
s.amazon-adsystem.com/ Frame 36B5
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5...
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5...
412 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&dcc=t
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8201aa245826638d0306fa5ba95c361a406aee9ea0fb5383b4c3797cbe7d2d82
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
412
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 12 Jan 2024 04:19:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
K8PZNNY9PWFT8YX9897K

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 12 Jan 2024 04:19:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
QF2FVWB49CQRBYRPRJ1S
map
bcp.crwdcntrl.net/6/ 		156 B
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.228.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-228-249.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c047631cfa8c1091a5346d84b9927d4dcb26d987895e03f32c747e7dfc266402

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://vast.gg
cache-control
no-cache
x-server
10.40.61.187
access-control-allow-credentials
true
content-length
156
expires
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 3CC2 		725 B
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
92788c6e7d760efa26e3c188e8fe242f4f62918d7b995e6f1e77c71f4bda1f2e

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
450
content-type
text/html
date
Fri, 12 Jan 2024 04:19:50 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
2755394d-c12c-ed1a-fe88-48ffd03c925a
pr-bh.ybp.yahoo.com/sync/openx/ Frame 3CC2 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/2755394d-c12c-ed1a-fe88-48ffd03c925a?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.40.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-40-85.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 3CC2
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=eb442374-4d2a-c4a9-0f51-dc9d475894f3
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=eb442374-4d2a-c4a9-0f51-dc9d475894f3&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=eb442374-4d2a-c4a9-0f51-dc9d475894f3&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K5JA8VQ7J74SXAS54QZZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6TRS4MTXDX471XJ3RNVS
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=eb442374-4d2a-c4a9-0f51-dc9d475894f3&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3CC2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=b3925f09-5180-7f53-cf5f-5e0a2f6b5f13&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=b3925f09-5180-7f53-cf5f-5e0a2f6b5f13&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=eed2eaaf-00bb-4420-a928-2f23eaabab2e&ttd_puid=b3925f09-5180-7f53-cf5f-5e0a2f6b5f13&gdpr=0&gdpr_consent=
43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=eed2eaaf-00bb-4420-a928-2f23eaabab2e&ttd_puid=b3925f09-5180-7f53-cf5f-5e0a2f6b5f13&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=eed2eaaf-00bb-4420-a928-2f23eaabab2e&ttd_puid=b3925f09-5180-7f53-cf5f-5e0a2f6b5f13&gdpr=0&gdpr_consent=
date
Fri, 12 Jan 2024 04:19:50 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 3CC2 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWZmZDhjYzMtOThmNy0yMWY3LWRhYmYtMDRiM2U1ODk5MTcz
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3CC2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELjhtYBjdRIrNzKKlqBHgHs&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELjhtYBjdRIrNzKKlqBHgHs&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELjhtYBjdRIrNzKKlqBHgHs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 1980 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e27f8d7e1816a913c812dd24a385090c8e78f560df5d54744c446083a6cf0643
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
4251
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 12 Jan 2024 04:19:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
N00M0WHAJFA79VAG4DJT
ads
securepubads.g.doubleclick.net/gampad/ 		111 KB
45 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=228952408183555&correlator=487371352159314&eid=31080405&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDR.I&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=3&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705033190703&lmt=1705033190&adxs=-160&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fvast.gg%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=680730703.1705033189&ga_sid=1705033190&ga_hid=1666817499&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYk5SX388xSABSAghkEhkKCnB1YmNpZC5vcmcYk5SX388xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJOUl9_PMUgAUgIIZBIXCghydGJob3VzZRiTlJffzzFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV1VRMVoxVlFaMGhSUzFOV2FWcGlhVk13ZUhNM1p6MDlJbjA9GISYl9_PMUgAEhkKCnVpZGFwaS5jb20Yk5SX388xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiTlJffzzFIAFICCGQ.&dlt=1705033189166&idt=715&prev_scp=pos%3D9%26monu%3D160x600_A9%26slotNum%3D1%26placementNum%3D1%26directDeals%3Dsticky_pillar%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D4_QC_notchrome%26browser_hour_refresh%3Dundefined_4_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dtrue%26iabCategory%3D684%26url%3Dvast.gg%26referrer%3Dt%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2339972103&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a885ab369eb4d2e32514a7d276fbfcbfcce13c053f01c3524b60461082cae0dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46125
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vast.gg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 1980
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5K6CAXYJW56AGX3EB9D3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=
Date
Fri, 12 Jan 2024 04:19:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rmpssp
sync.1rx.io/usersync2/ Frame 1980 		0
0
ecm3
s.amazon-adsystem.com/ Frame 1980
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3480347936485244000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3480347936485244000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W15SSJF1EPD3HNDBRMYM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:53 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3480347936485244000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 12 Jan 2024 04:19:53 GMT
ecm3
s.amazon-adsystem.com/ Frame 1980
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AADb_E7LQXwAABY0dGhijw&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AADb_E7LQXwAABY0dGhijw&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KSDDK7M9HGA8MGXGQYGQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AADb_E7LQXwAABY0dGhijw&ex=beeswax.com
Date
Fri, 12 Jan 2024 04:19:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
s.ad.smaato.net/c/ Frame 1980 		0
0
/
onetag-sys.com/match/ Frame 1980 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 1980
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=3C78DC01D4294A9FABEF6EE7FD61E80E&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=3C78DC01D4294A9FABEF6EE7FD61E80E&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RCHHWB3GPMTBD92Z3E0Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 04:19:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=3C78DC01D4294A9FABEF6EE7FD61E80E&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 11 Jan 2024 04:19:55 GMT
amazon
trace.mediago.io/ju/cs/ Frame 1980 		0
0
amzns2s
rtb.gumgum.com/usync/ Frame 6731 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.72.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-72-246.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d9e6566e0df97e52ec6703453d4e4674fcc912d6f20a3eb4504d14910db4c98a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 12 Jan 2024 04:19:55 GMT
etag
W/"0f461ba5fdc66a1aa56ca26ad8b789d95"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 0DCC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a09b148e617bcb963e704ddbb86bd4f8e710c5f8bec69b15b2d89313db98c291

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84429a826c1936be-YYZ
content-encoding
br
content-type
text/html
date
Fri, 12 Jan 2024 04:19:50 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHAfY5WpaT1VGorS8G8mSUW%2FWfU4h3K1Sf%2BBNX7UFz92k4HE2hVhw2JVHcssLhxMF3g9FotZe%2FzAa1VOxFayMbaphydNErIL2%2BHkVSWjpnaRw%2B%2BxNvy8o8kHQA7vXehKLYbaJKRRhI2Slw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84429a8218b154d9-YYZ
content-length
0
date
Fri, 12 Jan 2024 04:19:50 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2dlhGN%2B%2FA77vGPntT%2FtkEqmo05n6U%2FkF5wShEEeJPdR%2FJKvnF8uDhXUAYTgCN7F9e68ggWTWaPwQzYnS6U%2FisOgugaudp5V8SkAurn5kTpGMZhwk34MdnSSaj%2BdP6dLsvMdRgrx2N4y%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
ssbsync-us.smartadserver.com/api/ Frame 3FEE 		0
0
ecm3
s.amazon-adsystem.com/ Frame 0EEB
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=ee28081dc141859df3e9c39bf89f63cf&name=AMAZON&url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadyoulike.com%26id%3D%7BuserId%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=2d87db8b95783bc6c08947e63a42ca46
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=2d87db8b95783bc6c08947e63a42ca46
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 12 Jan 2024 04:19:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
5V05TM3VQF7PS71VHNEP

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 04:19:50 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=2d87db8b95783bc6c08947e63a42ca46
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
/
match.sharethrough.com/jwumXNuB/v1/ Frame 77D4 		812 B
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.20.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-20-227.compute-1.amazonaws.com
Software
/
Resource Hash
6063859869845d6483206ca381b5b546cc2a043c11698153ce2aa32d73394cc2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
812
date
Fri, 12 Jan 2024 04:19:52 GMT
tamptsync
sync-amz.ads.yieldmo.com/ Frame B3F7 		0
0
usync.html
eus.rubiconproject.com/ Frame 26A6 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Jan 2024 04:19:57 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 3209
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
951 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
701d6ca0911d2c00e93663fb1653f5aacc08b2ada41f469221552b8c6a59d4c2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
951
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-5b8764964b-psv2m
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-5b8764964b-d959p
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 42A1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=1554685320975062049&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=1554685320975062049&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 12 Jan 2024 04:19:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ASQR69N10DC2D9YQ86EA

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
263b7700-47d9-4dd5-b2a9-5d0201e7841a
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 04:19:50 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=1554685320975062049&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 85B0 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
9bb233cd524e0309ac603684d665b5d3b30eefe8297f483c1f40a74cacbbd0bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-type
text/html
date
Fri, 12 Jan 2024 04:19:51 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
getuid
eb2.3lift.com/ Frame 9918 		0
0
timeout
s.seedtag.com/se/hb/ 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/se/hb/timeout?publisherToken=2695-3807-01&adUnitId=31348617&timeout=1100
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:52 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
ads
securepubads.g.doubleclick.net/gampad/ 		112 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=228952408183555&correlator=1699713427294064&eid=31080405&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDA.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705033190731&lmt=1705033190&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fvast.gg%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=680730703.1705033189&ga_sid=1705033190&ga_hid=1666817499&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYk5SX388xSABSAghkEhkKCnB1YmNpZC5vcmcYk5SX388xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJOUl9_PMUgAUgIIZBIXCghydGJob3VzZRiTlJffzzFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV1VRMVoxVlFaMGhSUzFOV2FWcGlhVk13ZUhNM1p6MDlJbjA9GISYl9_PMUgAEhkKCnVpZGFwaS5jb20Yk5SX388xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiTlJffzzFIAFICCGQ.&dlt=1705033189166&idt=715&prev_scp=pos%3D2%26monu%3D728x90_B2%26slotNum%3D1%26placementNum%3D1%26directDeals%3Dsticky_bottom%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D4_QC_notchrome%26browser_hour_refresh%3Dundefined_4_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dtrue%26iabCategory%3D684%26url%3Dvast.gg%26referrer%3Dt%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1812210545&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
97e94eacf5d2a8bd57a2f14026ae8fa2aa252569d65bbbf5e0855b5c5bda0dfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46789
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vast.gg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		111 KB
45 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=228952408183555&correlator=4254185224143446&eid=31080405&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDB.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705033190741&lmt=1705033190&adxs=436&adys=351&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fvast.gg%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&psz=728x0&msz=728x0&fws=4&ohw=1600&ga_vid=680730703.1705033189&ga_sid=1705033190&ga_hid=1666817499&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYk5SX388xSABSAghkEhkKCnB1YmNpZC5vcmcYk5SX388xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJOUl9_PMUgAUgIIZBIXCghydGJob3VzZRiTlJffzzFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV1VRMVoxVlFaMGhSUzFOV2FWcGlhVk13ZUhNM1p6MDlJbjA9GISYl9_PMUgAEhkKCnVpZGFwaS5jb20Yk5SX388xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiTlJffzzFIAFICCGQ.&dlt=1705033189166&idt=715&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D1%26directDeals%3Dsticky_header%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D4_QC_notchrome%26browser_hour_refresh%3Dundefined_4_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dtrue%26iabCategory%3D684%26url%3Dvast.gg%26referrer%3Dt%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1837388174&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
3ca1f9b3c589fd67524db2b33b34df38febf66ef2a21eacfc4d54ad8b59c120b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46272
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vast.gg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BD70 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 04:19:50 GMT
expires
Sat, 11 Jan 2025 04:19:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dcm
s.amazon-adsystem.com/ Frame 0DCC 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaC95o6bVgJB_YJxFA-I2gAADfAAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XSNBP2QD1JPN1BWSRZX5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0DCC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZaC95o6bVgJB-YJxFA.I2gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMn6tP5uGSWE02PL1KzXUSU&google_cver=1&google_hm=2
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMn6tP5uGSWE02PL1KzXUSU&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWBs9htWQ4jGZ47q%2FkpW2KG53Cm8vB8ksgYajE7kj4vW2mMXtd%2Fh4o3UHHhPFazLlQ2Gh3PwEeghihYPJw%2BaLOvCujnpn6lAQ3Fl8J7MBlTIQnf%2BJcK3NSa2hcIQhP4OoWlwVjMrctxcVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84429a8a9ff436be-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMn6tP5uGSWE02PL1KzXUSU&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
362358.gif
idsync.rlcdn.com/ Frame 0DCC
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaC95o6bVgJB-YJxFA.I2gAA%263568&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaC95o6bVgJB-YJxFA.I2gAA%263568&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=de64b98835ec403e92f10be73d07ab77
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=de64b988-35ec-403e-92f1-0be73d07ab77
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=f4867bc9-585e-4cc3-96db-9c572d611471%3A1705033192.3103857&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Df4867bc9-585e-4cc3-96db-9c572d6...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2809753620087717693&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Df4867bc9-585e-4cc3-96...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=f4867bc9-585e-4cc3-96db-9c572d611471%3A1705033192.3103857&_=1705033192.3134682
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdmNDg2N2JjOS01ODVlLTRjYzMtOTZkYi05YzU3MmQ2MTE0NzE6MTcwNTAzMzE5Mi4zMTAzODU3EAAaDQjq-4KtBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAIiQxFLitIz-bN7vNwOdXQ&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAIiQxFLitIz-bN7vNwOdXQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:54 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAIiQxFLitIz-bN7vNwOdXQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 0DCC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaC95o6bVgJB_YJxFA-I2gAADfAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDhOuBZTbztQrY0j_tHx4ZM&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDhOuBZTbztQrY0j_tHx4ZM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zijw8MzFk0IzUmPgH2f3zCuvikiPbUx%2BeLtjraKt%2BJO%2B%2FVYRaWtz3MuozhZCIl2k2bcodvv7l5FzW0d9%2FFjMjE13xzDSC6rtvaoWnBhwf92tCz8%2BG62uvRqN4JUdUiCzXcxEOgVgDyH7sw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84429a8a9ff136be-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDhOuBZTbztQrY0j_tHx4ZM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0DCC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1554685320975062049
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1554685320975062049
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcFyCW00sOuWGMYOG9JvxuxWAaZthuvTyNe%2BHJnJ%2B8B%2FO%2FBET3y%2BklZfapjXeeH9E4MBAfokjZ%2BTV37lnHv5wj0WgZEA18Dh8MgaSpS8IcfXDOPrLls1WW6OvXZDfUbwwJi2LhGjzKrsww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84429a82e98154d9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:50 GMT
an-x-request-uuid
48e22c4c-1874-44b6-9d3d-db401b5fc080
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1554685320975062049
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum.casalemedia.com/ Frame 0DCC
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=c6507ff1-2985-4e7d-bb99-3d8278d5aa08
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=c6507ff1-2985-4e7d-bb99-3d8278d5aa08
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sdzMhdmhdNH5Wsw5KCYtYV%2BZMGQh4PTsblOj0X0XmkDAiOU5NL4JyiZP4oIY0o2q9Qu6HeiKTpY8cUdr%2BEw8XDZ3bGjQXA5llkY1TNKRa9b%2Baq7yKnQsX2mP1GgFxF3NDUc%2Bzzf"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84429a850b7054d9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:37 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=c6507ff1-2985-4e7d-bb99-3d8278d5aa08
cache-control
private,no-cache
content-length
222
expires
-1
sync
ups.analytics.yahoo.com/ups/55940/ Frame 0DCC 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZaC95o6bVgJB_YJxFA-I2gAADfAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 0DCC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4444335064546968693&expiration=1706242791
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4444335064546968693&expiration=1706242791
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMQ2tUS5lC%2BaLShCy%2FC6y%2F%2BA0PmYbmEspcCwZNxqXnvBaLREnzJrRxxcg7%2FZvE8z%2FeyqL0VLXuZiO8iJgXJ5qE3bxQhvg14rp8TkCNyjixYmOsG9M5FBb3rqFka6zLK1%2BJTKdSFvWLOM%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84429a87ec0736be-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4444335064546968693&expiration=1706242791
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ecm3
s.amazon-adsystem.com/ Frame 0DCC 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZaC95o6bVgJB_YJxFA-I2gAADfAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H9B657XP2Q131WEENXCX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
css2
fonts.googleapis.com/ Frame BD70 		4 KB
876 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 04:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 03:28:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 04:19:50 GMT
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame 2604 		0
0
a674c7068c2b67ccfd0052a9d505c59c.js
www.gstatic.com/mysidia/ Frame 2604 		0
0
d0c418fd7c3c9b1fa25e4b07b8f8ee33.js
www.gstatic.com/mysidia/ Frame 2604 		0
0
css
fonts.googleapis.com/ Frame 2604 		20 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7CRoboto%3A400%7CGoogle%20Sans%3A400
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
8936a6938f2dc15cb1bab8b433e906b86cb94cdc559de5a580e6eb434749b79e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 04:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 03:24:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 04:19:50 GMT
mdc_list_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 2604 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:43:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
52606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6467
x-xss-protection
0
server
cafe
etag
4758454654811317262
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 12 Jan 2024 13:43:04 GMT
mdc_menu_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 2604 		51 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:50:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
26962
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11146
x-xss-protection
0
server
cafe
etag
2759356358486721826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 12 Jan 2024 20:50:28 GMT
mdc_menu_surface.min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 2604 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:43:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
52606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4739
x-xss-protection
0
server
cafe
etag
18373107336927916518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 12 Jan 2024 13:43:04 GMT
mdc_select_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 2604 		103 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:56:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
26600
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18791
x-xss-protection
0
server
cafe
etag
10996637669125113147
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 12 Jan 2024 20:56:30 GMT
mdc_textfield_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 2604 		58 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:43:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
52606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10107
x-xss-protection
0
server
cafe
etag
7588401036457704084
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 12 Jan 2024 13:43:04 GMT
mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 2604 		31 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:40:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
52763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3021
x-xss-protection
0
server
cafe
etag
18113988596513574663
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 12 Jan 2024 13:40:27 GMT
mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 2604 		3 KB
791 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:54:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
26701
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
766
x-xss-protection
0
server
cafe
etag
14497039402300002370
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 12 Jan 2024 20:54:49 GMT
mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 2604 		2 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:46:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
27173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
611
x-xss-protection
0
server
cafe
etag
18268606943400439583
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 12 Jan 2024 20:46:57 GMT
mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 2604 		37 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:46:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
27173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3940
x-xss-protection
0
server
cafe
etag
17986137158686949241
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 12 Jan 2024 20:46:57 GMT
mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 2604 		51 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
26723
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4595
x-xss-protection
0
server
cafe
etag
17552977722549843295
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 12 Jan 2024 20:54:27 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 2604 		0
0
e9e356ec41155b008235c83648cb19be.js
www.gstatic.com/mysidia/ Frame 2604 		0
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/ Frame 2604 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 2604 		0
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 2604 		0
0
l
www.google.com/ads/measurement/ Frame 2604 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOaKrPVzAEUaSyVYy7nsD2dVgHXViPaV2GrdZp0VRRr30rvswlip4wk-4Pqb5oJB4oYjtFDrN9zN4f68rDt_HxSMek_A
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2604 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 04:19:51 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/elements/html/ Frame BD70 		0
0
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BD70 		0
0
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BD70 		0
0
cs
cs-server-s2s.yellowblue.io/ Frame 85B0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212417877639277
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212417877639277
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:50 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212417877639277
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.yellowblue.io/ Frame 85B0
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=cb4ae8d5-d89d-45df-aaea-cce106fcfd6e&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=cb4ae8d5-d89d-45df-aaea-cce106fcfd6e&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:52 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=cb4ae8d5-d89d-45df-aaea-cce106fcfd6e&gdpr=0
date
Fri, 12 Jan 2024 04:19:52 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 85B0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=1554685320975062049&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=1554685320975062049&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
an-x-request-uuid
8069960d-31a3-4a1f-974f-8f909786819c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=1554685320975062049&gdpr=0&gdpr_consent=
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 85B0
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjZFMDAwNEMtNkI2OC00RkI3LThERTAtRTIwNUVDNjBGQkIz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:54 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3
date
Fri, 12 Jan 2024 04:19:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs-server-s2s.yellowblue.io/ Frame 85B0
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-184
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
rmpssp
sync.1rx.io/usersync2/ Frame 85B0 		0
0
cs
cs-server-s2s.yellowblue.io/ Frame 85B0
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=33f75148-604f-4b7e-ae80-c7bb10e57a4b&gdpr_consent=null&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=33f75148-604f-4b7e-ae80-c7bb10e57a4b&gdpr_consent=null&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=33f75148-604f-4b7e-ae80-c7bb10e57a4b&gdpr_consent=null&gdpr=0
date
Fri, 12 Jan 2024 04:19:51 GMT
server
_
content-length
0
cksync.php
contextual.media.net/ Frame 85B0 		57 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 04:19:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Fri, 12 Jan 2024 04:19:52 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 85B0
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=
0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:57 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '11603'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=
Date
Fri, 12 Jan 2024 04:19:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs-server-s2s.yellowblue.io/ Frame 85B0
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=5b92439f-866f-4216-8418-02980ec28b50
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=5b92439f-866f-4216-8418-02980ec28b50
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Fri, 12 Jan 2024 04:19:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=5b92439f-866f-4216-8418-02980ec28b50
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.yellowblue.io/ Frame 85B0
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=d6ea2a11daebb01cf2226fafa973dca7&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=d6ea2a11daebb01cf2226fafa973dca7&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:54 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:54 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=d6ea2a11daebb01cf2226fafa973dca7&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705033194792013-142
ecm3
s.amazon-adsystem.com/ Frame 85B0 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rise.com&id=eq17Kox-kp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7ZZ42E7X6RXN05WPWR3H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=228952408183555&correlator=3258182740219279&eid=31080405&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDS.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50%7C320x100&ifi=6&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3D6576e064d155a9da%3AT%3D1705033189%3ART%3D1705033189%3AS%3DALNI_MZ8aMYUoWY2AfDUksV9FWA-VfF_MA&gpic=UID%3D00000a072fd3eca7%3AT%3D1705033189%3ART%3D1705033189%3AS%3DALNI_MbXe7IL8DrWzy6jHSDZtRViktUrAw&abxe=1&dt=1705033191117&lmt=1705033191&adxs=650&adys=1289&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fvast.gg%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=680730703.1705033189&ga_sid=1705033190&ga_hid=1666817499&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYk5SX388xSABSAghkEhkKCnB1YmNpZC5vcmcYk5SX388xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJOUl9_PMUgAUgIIZBIXCghydGJob3VzZRiTlJffzzFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV1VRMVoxVlFaMGhSUzFOV2FWcGlhVk13ZUhNM1p6MDlJbjA9GISYl9_PMUgAEhkKCnVpZGFwaS5jb20Yk5SX388xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiTlJffzzFIAFICCGQ.&dlt=1705033189166&idt=715&prev_scp=pos%3D3%26monu%3D300x250-320x50-320x100_B3%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D4_QC_notchrome%26browser_hour_refresh%3Dundefined_4_0%26slotOnScreen%3Dfalse&cust_params=page_num%3D0%26big4%3Dtrue%26iabCategory%3D684%26url%3Dvast.gg%26referrer%3Dt%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2740503875&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
871a21fef8c5364e4b77bb908cffa4cc9ce8d264c638970ad23116c1d47ab3e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13714
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vast.gg
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
increment
id5-sync.com/api/esp/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
container.html
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 33DD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 04:19:50 GMT
expires
Sat, 11 Jan 2025 04:19:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
mmt.gif
imps.monu.delivery/ 		37 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=eb828732-7474-47c2-b42b-fcaa21afd078&a=p.f.i&u=GYT5QM&d=%7B%22c%22%3A%22CA%22%2C%22r%22%3A%22QC%22%2C%22p%22%3A%22%2F%22%7D
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:37:23 GMT
age
78148
x-guploader-uploadid
ABPtcPpmcxBjpnlENUIkZ0DJtGm9r8kSztv2PHLkN_Kg1VH4S4n-haSrnEdgPk8JRkrOnEIJrZ_zsKXb8KSCdnwuomzM0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:37:23 GMT
/
onetag-sys.com/usync/ Frame A4A3 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame E8FF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Jan 2024 04:19:57 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Jan 2024 04:19:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
container.html
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0DC8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 04:19:50 GMT
expires
Sat, 11 Jan 2025 04:19:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
monumetric
monumetric.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://vast.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://vast.gg
access-control-max-age
86400
date
Fri, 12 Jan 2024 04:19:51 GMT
server
nginx
hb-mm-multi
hb.minutemedia-prebid.com/ 		0
0
monumetric
monumetric.technoratimedia.com/openrtb/bids/ 		0
180 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://monumetric.technoratimedia.com/openrtb/bids/monumetric?src=pbjs%2F8.12.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
353526303
access-control-allow-origin
https://vast.gg
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ 		0
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-c42a325c-f11b-427c-9c64-84ed5a21f6b9_1_2_ad%22%2C%22callback_id%22%3A%22119c3a03e4e49482%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222540682012541263920%22%2C%22gpid%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDA.B%23anchor-2%22%2C%22tid%22%3A%2284528dd6-df5c-45e4-a088-5e0fea396ca9%22%2C%22auctionId%22%3A%22f72f045e-47b4-4c51-ae2f-271c88851057%22%7D%5D&page_url=https%3A%2F%2Fvast.gg%2F&bust=1705033191264&dnt=false&description=Browse%20exclusive%20giveaways%20and%20sweepstakes%20to%20win%20prizes%20from%20your%20favorite%20brands%2C%20gadgets%2C%20%26%20web%20services.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=https%3A%2F%2Ft.co%2F&scrd=1&title=Vast%20Giveaways%3A%20Find%20the%20best%20giveaways%20%26%20sweepstakes%20to%20enter&w=1600&h=1200&pubcid=f0600f6c-8b9b-4af5-bc92-56ef42c2b000&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22e5288ed7-6884-417e-b256-dc21cdb46f76%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f0600f6c-8b9b-4af5-bc92-56ef42c2b000%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.181.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-181-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/ 		0
560 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.128.132.116 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:51 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
276
server
istio-envoy
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
auction
tlx.3lift.com/header/ 		19 B
599 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.12.0&referrer=https%3A%2F%2Fvast.gg%2F&tmax=1100
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.133.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-133-79.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
accept-ch
sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status
17
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
980 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
466bdc99a90439cf86dc4b1adfe1c1a3f9a6fa7eeaa7be9d04f963bda6d8f4fa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
an-x-request-uuid
cc8ca743-92fb-4b42-8925-0a150947cd9c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
529 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&p_pos=atf&rp_schain=1.0,1!monumetric.com,e5288ed7-6884-417e-b256-dc21cdb46f76,1,,,&eid_pubcid.org=f0600f6c-8b9b-4af5-bc92-56ef42c2b000%5E1&rf=https%3A%2F%2Fvast.gg%2F&tg_i.domain=vast.gg&tg_i.page=https%3A%2F%2Fvast.gg%2F&tg_i.ref=https%3A%2F%2Ft.co%2F&tg_i.cat=680%2C684&tg_i.cattax=6&tg_i.id=e5288ed7-6884-417e-b256-dc21cdb46f76&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDA.B%23anchor-2&tk_flint=pbjs_lite_v8.12.0&x_source.tid=f72f045e-47b4-4c51-ae2f-271c88851057&l_pb_bid_id=127bdd81d4d0471b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=84528dd6-df5c-45e4-a088-5e0fea396ca9&rp_maxbids=1&p_gpid=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDA.B%23anchor-2&slots=1&rand=0.731943795667463
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0c8ce5097738b07d1fa9aa91b81629b3835c67e4dc4f0513e119f9d100ae7ced

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
472
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a99ae169810120105c5c0b2812d6a4a8c2fc36030b7e8cd4a17be7c5e669f9ca

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecWqq%2BGXFjqgQwKFeeywQgH%2BfBMycFxyeAQPJLliADH2qXp7JoTMvTPSNRpsJ%2BBwsXJgaMOxaQRg9XLyuCZYtKRho%2BcyInQEtofvXZwDur34miR9%2Fc%2Fmp6g2UGpJpMqmyKPLKr8c"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://vast.gg
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84429a8578cf36be-YYZ
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1705033191270&to=480&aun=mmt-c42a325c-f11b-427c-9c64-84ed5a21f6b9_1_2_ad&pubcid=f0600f6c-8b9b-4af5-bc92-56ef42c2b000&gpid=%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDA.B%23anchor-2&pv=4a1e4a84-b471-4270-9405-79271492a731&t=boa9nz03&pi=2&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fvast.gg%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.12.0%22%7D&ogu=https%3A%2F%2Fvast.gg%2F&ns=9728
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.53.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-53-144.compute-1.amazonaws.com
Software
nginx /
Resource Hash
165260f9689bedc24dea87433b2e8cd8f3136d59fdb3672d1e1da3752cab0550

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://vast.gg
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
703 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
c914836f4c8aedbb1bcb4e21a6e92578df99e9dfb8e7533e1609da8693a0b794

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:50 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
57
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 04:19:51 GMT
trinity.json
apex.go.sonobi.com/ 		0
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		181 B
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fvast.gg%2F&PageUrl=https%3A%2F%2Fvast.gg%2F&PageReferrer=https%3A%2F%2Ft.co%2F&CanonicalUrl=https%3A%2F%2Fvast.gg%2F
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
741b05a3ef21927de2e9b1ee468c81d55a50ce666835c963786085a607b3aef3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
7
content-length
181
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
c
prebid.a-mo.net/a/ 		904 B
642 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
358aa69a1175fb7738c0dc56eafc4733c64bc5b7a4d4309f361f00b32f6ee93f

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:50 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vast.gg
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
content-length
469
v2
e.serverbid.com/api/ 		16 B
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://vast.gg
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
bid
aax.amazon-adsystem.com/e/dtb/ 		215 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvast.gg%2F&pr=https%3A%2F%2Ft.co%2F&pid=0lEhblQwfhyvH&cb=4&ws=1600x1200&v=23.1211.1645&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-c42a325c-f11b-427c-9c64-84ed5a21f6b9_1_2_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDA.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2Ce5288ed7-6884-417e-b256-dc21cdb46f76%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22f0600f6c-8b9b-4af5-bc92-56ef42c2b000%22%7D%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.114.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-114-30.iad61.r.cloudfront.net
Software
Server /
Resource Hash
602e076e1e79d412ef41da62a731354d51b6e58af267dec060b09b85f5935236
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a1b25b0d3d9a8dc90e047cb69c24f48c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD61-P2
x-amz-rid
K9N996XYQHBPDM2XMWA9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://vast.gg
access-control-allow-credentials
true
timing-allow-origin
*
content-length
215
x-amz-cf-id
ZQZnEmL-c-l1P2IWH_pTRsu1BRb_5sWU3IMgluffGqNdsvxKaQ0xew==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2429 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeVmwEQ-bW9AhjKmODkATAB&v=APEucNW8Ij2Bd10mF2EBAViVMfZzETkhSPfHMDJ7vbCzMiWLnzUAYSvwF02fgqjgrs0CXrkOhoOLahTxpxiwYR5i2Fowiap5tw
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 04:19:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 33DD 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Origin
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:54:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 20:54:09 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/elements/html/ Frame 33DD 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:26:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28393
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 20:26:38 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/ Frame 33DD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/abg_lite_fy2021.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
32104
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:24:47 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 33DD 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 33DD 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CB6A 		1 KB
647 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
26068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 21:05:23 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 21:05:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 33DD 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 33DD 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BdYqC2tkp_9YCNg--XuApzfvYv7TPWZkkmvFHMaf-ZW0Xwtf-HVwWnWEj2R_dS7AjYv3tYqwxrEiwjqJ1DjHTXKLK0PTmgDTYJq29yL8e11etBRxo
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 33DD 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 04:19:51 GMT
pixel
protected-by.clarium.io/ Frame 33DD 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MTYweDYwMA==&v=5&s=v31hjtubk4e&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIyNTI2Nzk2MTczL0dZVDVRTS9HWVQ1UU0tRERSLkkiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTkxMjcyOGU5LWJkNWEtNDExYy1hNGQ4LTU2NGIyNDJlMTgwOV8xXzFfYWQifX0%3D&cb=5587991&h=vast.gg&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNVFl3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMTYwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.132.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-132-149.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 59A7 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNWooE2IL1rSQY5SRoPR6-LovUWFLNCjCyTTdZqmmxQcmZQ24-QuXU884kOkH-ZlBExsRPv7X70mRZl9pam_uZWQ36hlIA
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 04:19:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 0DC8 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Origin
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:54:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 20:54:09 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/elements/html/ Frame 0DC8 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:26:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28393
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 20:26:38 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/ Frame 0DC8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/abg_lite_fy2021.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
32104
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:24:47 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0DC8 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 0DC8 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EB51 		1 KB
647 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
26068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 21:05:23 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 21:05:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 0DC8 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DC8 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AEOeYPMWz-7C1_UNtCMz8xoUzfE43nDkQWrLSRkY9zKHdgAlq9NKJJF-WM_WBjzwlQ0KKMoMoDFUN9ATiqq6QIw4FwWVFHjms_ou0ctz2W4VAho6I
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 0DC8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAW-ISB9u651AjCxjdOEJg8auNZbbvLUm6MBxc2CR9qDZ37JQx8_ykouefxYjkRAHpFmOggCwABT4EMQtkWsEJgj8B7g
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0DC8 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 04:19:51 GMT
pixel
protected-by.clarium.io/ Frame 0DC8 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31hjtubkcf&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIyNTI2Nzk2MTczL0dZVDVRTS9HWVQ1UU0tRERBLkIiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LWM0MmEzMjVjLWYxMWItNDI3Yy05YzY0LTg0ZWQ1YTIxZjZiOV8xXzFfYWQifX0%3D&cb=6065332&h=vast.gg&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.132.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-132-149.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:51 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2429
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENpWGI1tWL1CdnEs0_F2864&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENpWGI1tWL1CdnEs0_F2864&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeVmwEQ-bW9AhjKmODkATAB&v=APEucNW8Ij2Bd10mF2EBAViVMfZzETkhSPfHMDJ7vbCzMiWLnzUAYSvwF02fgqjgrs0CXrkOhoOLahTxpxiwYR5i2Fowiap5tw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFEJA8MEM%2BLg%2FT9QjwQeyRrTIRvscIwOhlEk848E5Uu1Ym4IpVFJ6P4Y7QNWb8haL8%2BLjCPCVFb7sVch3UkcSMeP6Skudabfy6d%2BOD4ZM52k581vGpzwh1%2FPW%2BXEiV%2BwKWCdyA9Aq24ttw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84429a8a9ff636be-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENpWGI1tWL1CdnEs0_F2864&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2429
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaC95o6bVgJB-YJxFA.I2gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-kLIMUuchnqowBVmVbVl8&google_cver=1&google_hm=2
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-kLIMUuchnqowBVmVbVl8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeVmwEQ-bW9AhjKmODkATAB&v=APEucNW8Ij2Bd10mF2EBAViVMfZzETkhSPfHMDJ7vbCzMiWLnzUAYSvwF02fgqjgrs0CXrkOhoOLahTxpxiwYR5i2Fowiap5tw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2Br4OuVh5w%2BS8VeZa66HPOzWlfLnY7mpvHk86JnG5hCiMPEOc%2FBIdbs%2BMbtQ7Nt8c6FEJLFr08tN43w0iSA2GDN4MOIm3lTTtSHSnmCK%2FK%2FpQg5hEVuMBx1Uykfa2YLIeeVa3eMYwDj3NA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84429a8b48db36be-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-kLIMUuchnqowBVmVbVl8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2429
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENkz2gciLFfYT5qlOs8GDdg&google_cver=1
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENkz2gciLFfYT5qlOs8GDdg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeVmwEQ-bW9AhjKmODkATAB&v=APEucNW8Ij2Bd10mF2EBAViVMfZzETkhSPfHMDJ7vbCzMiWLnzUAYSvwF02fgqjgrs0CXrkOhoOLahTxpxiwYR5i2Fowiap5tw
Protocol
H2
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
an-x-request-uuid
b530d34d-2c08-47d6-8c53-c4cf9375945f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENkz2gciLFfYT5qlOs8GDdg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2429
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1NDY4NTMyMDk3NTA2MjA0OQ%3D%3D
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1NDY4NTMyMDk3NTA2MjA0OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeVmwEQ-bW9AhjKmODkATAB&v=APEucNW8Ij2Bd10mF2EBAViVMfZzETkhSPfHMDJ7vbCzMiWLnzUAYSvwF02fgqjgrs0CXrkOhoOLahTxpxiwYR5i2Fowiap5tw
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
an-x-request-uuid
48238eb8-eb00-48dd-818f-bdfb8c50ff16
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1NDY4NTMyMDk3NTA2MjA0OQ%3D%3D
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 59A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFd58HVeUQVsNDfEpimoL10&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFd58HVeUQVsNDfEpimoL10&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNWooE2IL1rSQY5SRoPR6-LovUWFLNCjCyTTdZqmmxQcmZQ24-QuXU884kOkH-ZlBExsRPv7X70mRZl9pam_uZWQ36hlIA
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFd58HVeUQVsNDfEpimoL10&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 59A7
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWZmZDhjYzMtOThmNy0yMWY3LWRhYmYtMDRiM2U1ODk5MTcz
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWZmZDhjYzMtOThmNy0yMWY3LWRhYmYtMDRiM2U1ODk5MTcz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNWooE2IL1rSQY5SRoPR6-LovUWFLNCjCyTTdZqmmxQcmZQ24-QuXU884kOkH-ZlBExsRPv7X70mRZl9pam_uZWQ36hlIA
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 04:19:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWZmZDhjYzMtOThmNy0yMWY3LWRhYmYtMDRiM2U1ODk5MTcz
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame 59A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEA5hqtczpv3ycSyOPoz-ApE&google_cver=1
23 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEA5hqtczpv3ycSyOPoz-ApE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNWooE2IL1rSQY5SRoPR6-LovUWFLNCjCyTTdZqmmxQcmZQ24-QuXU884kOkH-ZlBExsRPv7X70mRZl9pam_uZWQ36hlIA
Protocol
H2
Server
23.56.163.154 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-154.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 12 Jan 2024 04:19:52 GMT
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEA5hqtczpv3ycSyOPoz-ApE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 59A7
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjIyODVkOWYtY2NjNS00MDk4LWEwMmYtYTgxN2NiZTc2M2Mx
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjIyODVkOWYtY2NjNS00MDk4LWEwMmYtYTgxN2NiZTc2M2Mx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNWooE2IL1rSQY5SRoPR6-LovUWFLNCjCyTTdZqmmxQcmZQ24-QuXU884kOkH-ZlBExsRPv7X70mRZl9pam_uZWQ36hlIA
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjIyODVkOWYtY2NjNS00MDk4LWEwMmYtYTgxN2NiZTc2M2Mx
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Fri, 12 Jan 2024 04:19:52 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012312191621000/ Frame A361 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 Jan 2024 18:13:56 GMT
age
122756
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56099
x-xss-protection
0
server
sffe
etag
"b4f73150f1481343"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Jan 2025 18:13:56 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame A361 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 Jan 2024 20:48:30 GMT
age
113482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5228
x-xss-protection
0
server
sffe
etag
"1615cf8c9658662f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Jan 2025 20:48:30 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame A361 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 Jan 2024 20:47:07 GMT
age
113565
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29030
x-xss-protection
0
server
sffe
etag
"4993b3249a87fa76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Jan 2025 20:47:07 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame A361 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 Jan 2024 20:46:56 GMT
age
113576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1930
x-xss-protection
0
server
sffe
etag
"09131eec19261354"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Jan 2025 20:46:56 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame A361 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 Jan 2024 20:58:10 GMT
age
112902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12961
x-xss-protection
0
server
sffe
etag
"b1091b2fa725aeb2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Jan 2025 20:58:10 GMT
css
fonts.googleapis.com/ Frame A361 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 04:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 03:27:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 04:19:52 GMT
pixel
protected-by.clarium.io/ 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzIweDI1MA==&v=5&s=v31hjtubkk9&h=vast.gg&cb=5644693&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekl3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzIwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIyNTI2Nzk2MTczL0dZVDVRTS9HWVQ1UU0tRERTLkMiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LWFhY2Y2YWYzLWJiZmEtNDgwNC1hMDkxLWY3YTZmYTdlZTEwYV8xXzFfYWQifX0%3D
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.132.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-132-149.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A361 		0
0
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A361 		0
0
l
www.google.com/ads/measurement/ Frame A361 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6EqpopEWXis9desUfaGIFeTQINXX4jnR8iXBTLP4K47bPo3gCGQpbtryfyZFfGO2-t5fCdNY7pPls14V-vwZJYyC8GQ
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/17693960660995302098/ Frame A361 		0
0
truncated
/ Frame A361 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A361 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bcf776ca3e30c858e1a71fb9a2f1b186d7035c7892ab87552c7a8866cd661bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
container.html
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7E91 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 04:19:50 GMT
expires
Sat, 11 Jan 2025 04:19:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
267 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
c39da705be2fc19414a2bac8523825e83e839bc81994f6d5d186c2e437a5f0e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
dpixel
cms.quantserve.com/ Frame CB6A 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC6qCfalCMcsLaQKnPqr9nY&google_cver=1&google_push=AXcoOmQf8YNE4G65jXw6-ZAuasVxs6aToFs2is74AJFEOWCpsKq9__K3DfqfphurpcX6GuHnTrQ-Z4ktOX0kOlOg8EKljZwcaDlq
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CB6A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEH2pkiDVN3eO0pLplBDI0Z0&google_cver=1&google_push=AXcoOmSg0R1Z4AUNYrZ2vNhhoC6EgIgrxFTqV-NrYXkfH5ETHAXjFjLDFkooM6tdvSjG9ZgRZ4ulA187ylh6dbyhWji9h_J...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSg0R1Z4AUNYrZ2vNhhoC6EgIgrxFTqV-NrYXkfH5ETHAXjFjLDFkooM6tdvSjG9ZgRZ4ulA187ylh6dbyhWji9h_JI7x8i&google_hm=eS1Hc2ltZFZCRTJwRjlVUT...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSg0R1Z4AUNYrZ2vNhhoC6EgIgrxFTqV-NrYXkfH5ETHAXjFjLDFkooM6tdvSjG9ZgRZ4ulA187ylh6dbyhWji9h_JI7x8i&google_hm=eS1Hc2ltZFZCRTJwRjlVUTVjOHUuWUhmV0lkd2tSQnEuSX5B
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 04:19:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSg0R1Z4AUNYrZ2vNhhoC6EgIgrxFTqV-NrYXkfH5ETHAXjFjLDFkooM6tdvSjG9ZgRZ4ulA187ylh6dbyhWji9h_JI7x8i&google_hm=eS1Hc2ltZFZCRTJwRjlVUTVjOHUuWUhmV0lkd2tSQnEuSX5B
content-length
0
/
s.uuidksinc.net/match/47/ Frame CB6A 		0
0
pixel
cm.g.doubleclick.net/ Frame CB6A
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQNvAErTkVmHkkcaeNSV28G74_8SenMVxoFQzQst76xMV2aU0G8sB6L42KNJ84M1RCs1zdPjyM4gD...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQNvAErTkVmHkkcaeNSV28G74_8SenMVxoFQzQst76xMV2aU0G8sB6L42KNJ84M1RCs1zdPjyM4gDEquxi9DbuyIEKKyyzS&google_hm=a2678b8e-9fce-4097-86...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQNvAErTkVmHkkcaeNSV28G74_8SenMVxoFQzQst76xMV2aU0G8sB6L42KNJ84M1RCs1zdPjyM4gDEquxi9DbuyIEKKyyzS&google_hm=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-184
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQNvAErTkVmHkkcaeNSV28G74_8SenMVxoFQzQst76xMV2aU0G8sB6L42KNJ84M1RCs1zdPjyM4gDEquxi9DbuyIEKKyyzS&google_hm=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CB6A
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESELRQVFrVjE9j4M4XfIIUkuw&google_cver=1&google_push=AXcoOmS5vWub96LZj4rePXUUyyJcHlBPMGKFVyK-sUXtFHgtLKskIbPm8IUm4RrKJ3fzlzoDYRyKHrBP31f9MpYfGbzHBjv...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS5vWub96LZj4rePXUUyyJcHlBPMGKFVyK-sUXtFHgtLKskIbPm8IUm4RrKJ3fzlzoDYRyKHrBP31f9MpYfGbzHBjva-nk&google_hm=NzM2ODQ0NjMz...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS5vWub96LZj4rePXUUyyJcHlBPMGKFVyK-sUXtFHgtLKskIbPm8IUm4RrKJ3fzlzoDYRyKHrBP31f9MpYfGbzHBjva-nk&google_hm=NzM2ODQ0NjMzODQwNDAxNTYxOQ==
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS5vWub96LZj4rePXUUyyJcHlBPMGKFVyK-sUXtFHgtLKskIbPm8IUm4RrKJ3fzlzoDYRyKHrBP31f9MpYfGbzHBjva-nk&google_hm=NzM2ODQ0NjMzODQwNDAxNTYxOQ==
Date
Fri, 12 Jan 2024 04:19:53 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame CB6A
Redirect Chain
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEEtq9Q_-qWLP8Mxr0GbNqKU&google_cver=1&google_push=AXcoOmT8RFDshlmO3LVyNTC_ivB1n2GAJA-mOHRRzszXjkpScAZOchm09KfG93ntQy8oPDQ_ScN9-BYu5NAw5YTljRKrZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT8RFDshlmO3LVyNTC_ivB1n2GAJA-mOHRRzszXjkpScAZOchm09KfG93ntQy8oPDQ_ScN9-BYu5NAw5YTljRKrZ4s1cdQD&google_hm=acc8ce73440cc9...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT8RFDshlmO3LVyNTC_ivB1n2GAJA-mOHRRzszXjkpScAZOchm09KfG93ntQy8oPDQ_ScN9-BYu5NAw5YTljRKrZ4s1cdQD&google_hm=acc8ce73440cc9fd2nzx8f00lra4qsog
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 04:19:59 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT8RFDshlmO3LVyNTC_ivB1n2GAJA-mOHRRzszXjkpScAZOchm09KfG93ntQy8oPDQ_ScN9-BYu5NAw5YTljRKrZ4s1cdQD&google_hm=acc8ce73440cc9fd2nzx8f00lra4qsog
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame CB6A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFxGU2UFMb8iw4wISwjCbIU&google_cver=1&google_push=AXcoOmTfCFTB_r_2J...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTU1NDY4NTMyMDk3NTA2MjA0OQ%3D%3D&google_gid=CAESEFxGU2UFMb8iw4wISwjCbIU&google_cver=1&google_push=AXcoOmTfCFTB_r_2JnsISjjfCPCnGFoEwp...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTU1NDY4NTMyMDk3NTA2MjA0OQ%3D%3D&google_gid=CAESEFxGU2UFMb8iw4wISwjCbIU&google_cver=1&google_push=AXcoOmTfCFTB_r_2JnsISjjfCPCnGFoEwpFCjtq_9dYD8i-qJesOAcC11FEuLrzp5CYJuxPa4pRwRYz0riZL7Fjey4VraS2d9V1AMQ
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
an-x-request-uuid
3b94f11f-a9c2-4507-9853-b50ad1de247d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTU1NDY4NTMyMDk3NTA2MjA0OQ%3D%3D&google_gid=CAESEFxGU2UFMb8iw4wISwjCbIU&google_cver=1&google_push=AXcoOmTfCFTB_r_2JnsISjjfCPCnGFoEwpFCjtq_9dYD8i-qJesOAcC11FEuLrzp5CYJuxPa4pRwRYz0riZL7Fjey4VraS2d9V1AMQ
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame CB6A 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KUoVnnn_d8aUe4BwlHxq42lX0GHxfU_j-D3ucMBQeBRXAHMHmAd1iLX2Isl6SYaw3yUM4Xa4wg
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame EB51
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEDi2rn7A4lE_yFgbaQ5K7Qw&google_cver=1&google_push=AXcoOmSkDK-DOH-e7Tm8LSWBYhx9F32FLjIb8GU7Qm_l42XS3nw7rV2eNwXqhLJOpyuzL8GpPvJsrUz2WLHlbYDleGd6fgVW3w
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSkDK-DOH-e7Tm8LSWBYhx9F32FLjIb8GU7Qm_l42XS3nw7rV2eNwXqhLJOpyuzL8GpPvJsrUz2WLHlbYDleGd6fgVW3w&google_hm=UjM1Q0E1XzEwRjI3Qj...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSkDK-DOH-e7Tm8LSWBYhx9F32FLjIb8GU7Qm_l42XS3nw7rV2eNwXqhLJOpyuzL8GpPvJsrUz2WLHlbYDleGd6fgVW3w&google_hm=UjM1Q0E1XzEwRjI3QjA3Nl9BRjI3QTZBMw%3D%3D
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSkDK-DOH-e7Tm8LSWBYhx9F32FLjIb8GU7Qm_l42XS3nw7rV2eNwXqhLJOpyuzL8GpPvJsrUz2WLHlbYDleGd6fgVW3w&google_hm=UjM1Q0E1XzEwRjI3QjA3Nl9BRjI3QTZBMw%3D%3D
Date
Fri, 12 Jan 2024 04:19:52 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-388037993; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
344
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame EB51
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESENDJEA2Jhp2wUDxzW6Gzn1k&google_cver=1&google_push=AXcoOmQ_gkLomjw82jafFLxMsxQgXJXnqxGH5rXY8w85TVP3YAQ3V5Oujc_6kmOYilZ6dvYItqKNPeRcqL6CREvi...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6Aud_JcxRMEWmUL-ROMVcQ&google_push=AXcoOmQ_gkLomjw82jafFLxMsxQgXJXnqxGH5rXY8w85TVP3YAQ3V5Oujc_6kmOYilZ6dvYItqKNPeRcqL6CREvippJwG5r2wFA
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6Aud_JcxRMEWmUL-ROMVcQ&google_push=AXcoOmQ_gkLomjw82jafFLxMsxQgXJXnqxGH5rXY8w85TVP3YAQ3V5Oujc_6kmOYilZ6dvYItqKNPeRcqL6CREvippJwG5r2wFA
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 04:19:59 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6Aud_JcxRMEWmUL-ROMVcQ&google_push=AXcoOmQ_gkLomjw82jafFLxMsxQgXJXnqxGH5rXY8w85TVP3YAQ3V5Oujc_6kmOYilZ6dvYItqKNPeRcqL6CREvippJwG5r2wFA
x-host
tde-deliveryengine-production-5db7bf8975-ztcfh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame EB51
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKNBl7MlfSYdm10Xxz80e8g&google_cver=1&google_push=AXcoOmQ4Fb3Eyn0gFE3Vg0EGK9GuGglAy3ex5XPQSjyM6d31LEI_qkt8XxL-NbuC83RxMxl_ghhhbrziyPld9tJv7YIDOg4k2Tg
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQ4Fb3Eyn0gFE3Vg0EGK9GuGglAy3ex5XPQSjyM6d31LEI_qkt8XxL-NbuC83RxMxl_ghhhbrziyPld9tJv7YIDOg4k2Tg&google_hm=bMTVNfgGxn0pKxK9_HJlqQ==
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQ4Fb3Eyn0gFE3Vg0EGK9GuGglAy3ex5XPQSjyM6d31LEI_qkt8XxL-NbuC83RxMxl_ghhhbrziyPld9tJv7YIDOg4k2Tg&google_hm=bMTVNfgGxn0pKxK9_HJlqQ==
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:54 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQ4Fb3Eyn0gFE3Vg0EGK9GuGglAy3ex5XPQSjyM6d31LEI_qkt8XxL-NbuC83RxMxl_ghhhbrziyPld9tJv7YIDOg4k2Tg&google_hm=bMTVNfgGxn0pKxK9_HJlqQ==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
228
pixel
cm.g.doubleclick.net/ Frame EB51
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRKcwvRKckIHem5DZtBeSFQfWUv_NO1Fp2Y-cq3cWTOHBnc5FmdgdtWjq9u6cO5Sn9cb3BHxMdSWw...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRKcwvRKckIHem5DZtBeSFQfWUv_NO1Fp2Y-cq3cWTOHBnc5FmdgdtWjq9u6cO5Sn9cb3BHxMdSWwNTe8QRtHnMZokpMCM&google_hm=a2678b8e-9fce-4097-86c...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRKcwvRKckIHem5DZtBeSFQfWUv_NO1Fp2Y-cq3cWTOHBnc5FmdgdtWjq9u6cO5Sn9cb3BHxMdSWwNTe8QRtHnMZokpMCM&google_hm=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-184
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRKcwvRKckIHem5DZtBeSFQfWUv_NO1Fp2Y-cq3cWTOHBnc5FmdgdtWjq9u6cO5Sn9cb3BHxMdSWwNTe8QRtHnMZokpMCM&google_hm=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EB51
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEF0FJUekYknTgSYFPKSXlFk&google_cver=1&google_push=AXcoOmSmPVqBk2ovEOtbWV372i_PsveXY0Zff6J2GHKdFDqqT3yCXQCX7Eu8oBXen7wTCv-0_3543cwMyKC1-A40ELKW2MppyMA
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSmPVqBk2ovEOtbWV372i_PsveXY0Zff6J2GHKdFDqqT3yCXQCX7Eu8oBXen7wTCv-0_3543cwMyKC1-A40ELKW2MppyMA&google_hm=VkV6WTdjY1FRWWM5RUtiZ...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSmPVqBk2ovEOtbWV372i_PsveXY0Zff6J2GHKdFDqqT3yCXQCX7Eu8oBXen7wTCv-0_3543cwMyKC1-A40ELKW2MppyMA&google_hm=VkV6WTdjY1FRWWM5RUtiZVFzUjI=
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSmPVqBk2ovEOtbWV372i_PsveXY0Zff6J2GHKdFDqqT3yCXQCX7Eu8oBXen7wTCv-0_3543cwMyKC1-A40ELKW2MppyMA&google_hm=VkV6WTdjY1FRWWM5RUtiZVFzUjI=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame EB51
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAkKUkXcG...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=&%%GOOGLE_PUSH_PAIR%%
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=&%%GOOGLE_PUSH_PAIR%%
Date
Fri, 12 Jan 2024 04:19:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame EB51
Redirect Chain
  • https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEMa4P3N5CJZL0cO1fR7jyr0&google_cver=1&google_push=AXcoOmSRBZMr4tewnlrwnEAw09W94o5ESA40pDUnsnFsAbsv6KXLiJrTvFOsQjWEp0e6yPnRU-5EVPaOkJSxM8BNuW0okQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSRBZMr4tewnlrwnEAw09W94o5ESA40pDUnsnFsAbsv6KXLiJrTvFOsQjWEp0e6yPnRU-5EVPaOkJSxM8BNuW0okQoxJbiQ
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSRBZMr4tewnlrwnEAw09W94o5ESA40pDUnsnFsAbsv6KXLiJrTvFOsQjWEp0e6yPnRU-5EVPaOkJSxM8BNuW0okQoxJbiQ
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 04:19:52 GMT
strict-transport-security
max-age=2592000
server
nginx
content-security-policy-report-only
default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
content-language
en-CA
location
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSRBZMr4tewnlrwnEAw09W94o5ESA40pDUnsnFsAbsv6KXLiJrTvFOsQjWEp0e6yPnRU-5EVPaOkJSxM8BNuW0okQoxJbiQ
x-yak-request-id
1705033192346-cdcfa8be9a70f3c7d1b5b7156a3e196d
yak-timeinfo
1705033192346|2
cip
185.213.80.244
alt-svc
h3=":443"; ma=604800
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame EB51 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LmDT0rXnjtSJmKIY6AHZ9btVPAyc34pP9UtSlq2K1-P1CJ_n1j2fYeNA8ok6MT3G81QLYtDOU
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A361 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vast.gg
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 13:41:26 GMT
x-content-type-options
nosniff
age
52706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 13:41:26 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A361 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vast.gg
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 20:53:25 GMT
x-content-type-options
nosniff
age
113187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 20:53:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A361 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vast.gg
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 20:59:08 GMT
x-content-type-options
nosniff
age
112844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 20:59:08 GMT
ecm3
s.amazon-adsystem.com/ Frame 77D4 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=ed3394ac-5bdb-449b-80e4-c99d400a69af
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
667ZFDGX1B5MN561M16K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 77D4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=eed2eaaf-00bb-4420-a928-2f23eaabab2e&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=eed2eaaf-00bb-4420-a928-2f23eaabab2e&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.70.20.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-20-227.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=eed2eaaf-00bb-4420-a928-2f23eaabab2e&gdpr=0&gdpr_consent=
date
Fri, 12 Jan 2024 04:19:52 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 77D4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZWQzMzk0YWMtNWJkYi00NDliLTgwZTQtYzk5ZDQwMGE2OWFm
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.70.20.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-20-227.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 77D4
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDg4REY1OUEtQUExMC00NUNELUJBREUtMEVCQzQ2N0QzOUEw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:54 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://match.sharethrough.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3
date
Fri, 12 Jan 2024 04:19:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame 77D4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=&s=2
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=VroS-ap-kEY3jeE8vPTy&gdpr=0
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=VroS-ap-kEY3jeE8vPTy&gdpr=0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.70.20.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-20-227.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:52 GMT
Content-Type
text/html; charset=utf-8
Location
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=VroS-ap-kEY3jeE8vPTy&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
147
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C258 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNX9Bxy27ujOLPS-97kNWo1cWL1epxpPer6CoSxJzVZFwNG4rQFhJs6CSAupgMn4qzxEh9XB9piMj12kmxfqLI9Wl7gbpA
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 04:19:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 7E91 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Origin
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:54:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 20:54:09 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/elements/html/ Frame 7E91 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:26:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28394
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 20:26:38 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/ Frame 7E91 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/abg_lite_fy2021.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
32105
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:24:47 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 7E91 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 7E91 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0475 		1 KB
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
26069
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 21:05:23 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 21:05:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 7E91 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E91 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DWc7vsKR-4dl2SSJfk56c9GZdm6cKh465vH1svZnYlJ6eGhcGgXWGOXa_BQIblho_r8ll2yU5gyeAtXFjNDVCQDz5MNIRP0dGwnJSLMiiPEw7msGg
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 7E91 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyAfyjhb2E7WpL_hjnbnSLE0h-wIkx2K3BcUG9-58BKxi10jFEYfq9SrjjY67i63MX2XRhJ6rBxC0DNUqW7G_GTwfJzg
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7E91 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 04:19:52 GMT
pixel
protected-by.clarium.io/ Frame 7E91 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31hjtubkvm&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIyNTI2Nzk2MTczL0dZVDVRTS9HWVQ1UU0tRERCLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTJhZDM1NDI0LThkZWMtNDRjMS04ODVhLWUxYzM3ZGI4Njg3MF8xXzFfYWQifX0%3D&cb=7295326&h=vast.gg&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.132.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-132-149.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		112 KB
45 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=228952408183555&correlator=912508418447280&eid=31080405&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fif&iu_parts=20842576%3A22526796173%2CGYT5QM%2CGYT5QM-DDA.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=7&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3D1880a64b7770ceb8%3AT%3D1705033190%3ART%3D1705033190%3AS%3DALNI_MaYJ7PFSql7p0OSfgAXegn4yExPwA&gpic=UID%3D00000a072fdb5070%3AT%3D1705033190%3ART%3D1705033190%3AS%3DALNI_MY5ivB5SJZYEHAstXSQrtZN1CTTmQ&abxe=1&dt=1705033192565&lmt=1705033192&adxs=805&adys=1155&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fvast.gg%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=680730703.1705033189&ga_sid=1705033190&ga_hid=1666817499&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj9o5ffzzFIABIZCgpwdWJjaWQub3JnGJOUl9_PMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiTlJffzzFIAFICCGQSFwoIcnRiaG91c2UYk5SX388xSABSAghkEj4KBW9wZW54EixleUpwSWpvaVdVUTFaMVZRWjBoUlMxTldhVnBpYVZNd2VITTNaejA5SW4wPRiEmJffzzFIABIZCgp1aWRhcGkuY29tGJOUl9_PMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yop-X388xSABSAghq&dlt=1705033189166&idt=715&prev_scp=pos%3D2%26monu%3D728x90_B2%26slotNum%3D2%26placementNum%3D1%26directDeals%3Dsticky_bottom%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D4_QC_notchrome%26browser_hour_refresh%3Dundefined_4_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dtrue%26iabCategory%3D684%26url%3Dvast.gg%26referrer%3Dt%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1979966951&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7d28504ebc3cd1f4055abbf772fe34dd0a444ba807f5d80542338b057afbaead
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46370
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vast.gg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C258
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-kLIMUuchnqowBVmVbVl8&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-kLIMUuchnqowBVmVbVl8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNX9Bxy27ujOLPS-97kNWo1cWL1epxpPer6CoSxJzVZFwNG4rQFhJs6CSAupgMn4qzxEh9XB9piMj12kmxfqLI9Wl7gbpA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3sTyTaAkx860qhcWfVR8Fscz5RexgP8jWxk3ytpmz5bsLb9sEwZnRSys%2FikQhT1NXEpfMLnw48U5Dq%2FceQULK93Ywzact6RL5OXLoxSfSMsXuE2RgrXOaNdwywbLGjDZYmEESgQAh6ZMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84429a8e1d1f36be-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-kLIMUuchnqowBVmVbVl8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C258
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaC95o6bVgJB-YJxFA.I2gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-kLIMUuchnqowBVmVbVl8&google_cver=1&google_hm=2
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-kLIMUuchnqowBVmVbVl8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNX9Bxy27ujOLPS-97kNWo1cWL1epxpPer6CoSxJzVZFwNG4rQFhJs6CSAupgMn4qzxEh9XB9piMj12kmxfqLI9Wl7gbpA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NOyOExacdpu%2BaeiMz6BBq6TGoCa%2FIjrIz9Zlywme%2BkkRe9NLo4RQs28yPX%2B8msm4EGS0poBdJFHwbfLklJomMEdi0b8ALh1%2BDzKWqWQU%2FQ24wyKusXlQd4JQWK5WDOOIeF9T3NlK6zm%2FBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84429a8e7db036be-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-kLIMUuchnqowBVmVbVl8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C258
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENkz2gciLFfYT5qlOs8GDdg&google_cver=1
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENkz2gciLFfYT5qlOs8GDdg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNX9Bxy27ujOLPS-97kNWo1cWL1epxpPer6CoSxJzVZFwNG4rQFhJs6CSAupgMn4qzxEh9XB9piMj12kmxfqLI9Wl7gbpA
Protocol
H2
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
an-x-request-uuid
c26da928-19f1-464e-a0c0-8c5988445004
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENkz2gciLFfYT5qlOs8GDdg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C258
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1NDY4NTMyMDk3NTA2MjA0OQ%3D%3D
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1NDY4NTMyMDk3NTA2MjA0OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNX9Bxy27ujOLPS-97kNWo1cWL1epxpPer6CoSxJzVZFwNG4rQFhJs6CSAupgMn4qzxEh9XB9piMj12kmxfqLI9Wl7gbpA
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
an-x-request-uuid
27498601-91f0-4db5-9258-1a71829d2f59
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1NDY4NTMyMDk3NTA2MjA0OQ%3D%3D
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0475
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEJvhv0QAoIC4GYu9dsUK_Fc&google_cver=1&google_push=AXcoOmT51YTeY2HSpE3_qURGbf34XIgT5qlRewShOl4McNr0-N7I1pNTIhdbFCtuFxH29qy_cpLHhG2rb4uSALXdrAj2c9PVJFU
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmT51YTeY2HSpE3_qURGbf34XIgT5qlRewShOl4McNr0-N7I1pNTIhdbFCtuFxH29qy_cpLHhG2rb4uSALXdrAj2c9PVJFU&google_hm=UjM1Q0E1XzEwRjI3Q...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmT51YTeY2HSpE3_qURGbf34XIgT5qlRewShOl4McNr0-N7I1pNTIhdbFCtuFxH29qy_cpLHhG2rb4uSALXdrAj2c9PVJFU&google_hm=UjM1Q0E1XzEwRjI3QjA3Nl9BRjI3QUNCRA%3D%3D
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmT51YTeY2HSpE3_qURGbf34XIgT5qlRewShOl4McNr0-N7I1pNTIhdbFCtuFxH29qy_cpLHhG2rb4uSALXdrAj2c9PVJFU&google_hm=UjM1Q0E1XzEwRjI3QjA3Nl9BRjI3QUNCRA%3D%3D
Date
Fri, 12 Jan 2024 04:19:52 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-388037993; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
345
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 0475
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEF21O9NwFOM2AP1Lq3v8e9M&google_cver=1&google_push=AXcoOmRhYsYUGEW7W2gDEnX3S-pTvgJJGis_Op6TrkAyjndFLWOu78yWCO2ummeJqBOAcegdn5N2wgn6H3uWZPXT7yPSbCJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRhYsYUGEW7W2gDEnX3S-pTvgJJGis_Op6TrkAyjndFLWOu78yWCO2ummeJqBOAcegdn5N2wgn6H3uWZPXT7yPSbCJ08cFF&google_hm=MzcyOTgwNzU...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRhYsYUGEW7W2gDEnX3S-pTvgJJGis_Op6TrkAyjndFLWOu78yWCO2ummeJqBOAcegdn5N2wgn6H3uWZPXT7yPSbCJ08cFF&google_hm=MzcyOTgwNzUyMjQyODM3NDMwMQ==
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRhYsYUGEW7W2gDEnX3S-pTvgJJGis_Op6TrkAyjndFLWOu78yWCO2ummeJqBOAcegdn5N2wgn6H3uWZPXT7yPSbCJ08cFF&google_hm=MzcyOTgwNzUyMjQyODM3NDMwMQ==
Date
Fri, 12 Jan 2024 04:19:53 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0475
Redirect Chain
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFgjn41OBafsTuwC1zwZKpg&google_cver=1&google_push=AXcoOmQ42XoHQM21-ND2NBrED7Z7zeNRaA6rr4wgbk5Lv50HVtynVBZNdV76bueytzwtL74BOOTnHc1rgzm5NLMMc...
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFgjn41OBafsTuwC1zwZKpg&google_cver=1&google_push=AXcoOmQ42XoHQM21-ND2NBrED7Z7zeNRaA6rr4wgbk5Lv50HVtynVBZNdV76bueytzwtL74BOOTnHc1rgzm5NLMMc...
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NmQ4MjQzMGRlZGJiODFhNg&google_push=AXcoOmQ42XoHQM21-ND2NBrED7Z7zeNRaA6rr4wgbk5Lv50HVtynVBZNdV76bueytzwtL74BOOTnHc1rgzm5NLMMcrMyNsggSDo
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NmQ4MjQzMGRlZGJiODFhNg&google_push=AXcoOmQ42XoHQM21-ND2NBrED7Z7zeNRaA6rr4wgbk5Lv50HVtynVBZNdV76bueytzwtL74BOOTnHc1rgzm5NLMMcrMyNsggSDo
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NmQ4MjQzMGRlZGJiODFhNg&google_push=AXcoOmQ42XoHQM21-ND2NBrED7Z7zeNRaA6rr4wgbk5Lv50HVtynVBZNdV76bueytzwtL74BOOTnHc1rgzm5NLMMcrMyNsggSDo
date
Fri, 12 Jan 2024 04:19:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0475
Redirect Chain
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEDVqmorhoy4Se3bAmrxjaMI&google_cver=1&google_push=AXcoOmQYI3P15AMZP1ed_OOBRsRpd3coiucAGt0g7bDvGmnfvCw1fox1apb6LebEstMMOnWVKeUr1vrqpSyh5Yas0U_ih...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQYI3P15AMZP1ed_OOBRsRpd3coiucAGt0g7bDvGmnfvCw1fox1apb6LebEstMMOnWVKeUr1vrqpSyh5Yas0U_ihcvGDCFF&google_hm=acc8ce73e02e8b...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQYI3P15AMZP1ed_OOBRsRpd3coiucAGt0g7bDvGmnfvCw1fox1apb6LebEstMMOnWVKeUr1vrqpSyh5Yas0U_ihcvGDCFF&google_hm=acc8ce73e02e8bfc24ucc500lra4qsoh
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 04:19:59 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQYI3P15AMZP1ed_OOBRsRpd3coiucAGt0g7bDvGmnfvCw1fox1apb6LebEstMMOnWVKeUr1vrqpSyh5Yas0U_ihcvGDCFF&google_hm=acc8ce73e02e8bfc24ucc500lra4qsoh
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 0475
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESED5Qv-u1gGIKCSs0FtZtMSg&google_cver=1&google_push=AXcoOmS8uw0GGWXNsrQzn-o7xRnTfpPgmtCmQcimMLEm74zqtAQPwCtSUBN97fpkKFA...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmS8uw0GGWXNsrQzn-o7xRnTfpPgmtCmQcimMLEm74zqtAQPwCtSUBN97fpkKFAgKSqDvYfjLAtUNVmxBQR5rOb8cWvnv9U
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmS8uw0GGWXNsrQzn-o7xRnTfpPgmtCmQcimMLEm74zqtAQPwCtSUBN97fpkKFAgKSqDvYfjLAtUNVmxBQR5rOb8cWvnv9U
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
33371afe
date
Fri, 12 Jan 2024 04:19:52 GMT
x-bytefaas-request-id
20240112041952410031C3E036A4352CA9
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240112041952410031C3E036A4352CA9-7980193C4A35F396-00
x-cache
TCP_MISS from a23-44-200-118.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=13
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240112041952410031C3E036A4352CA9
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmS8uw0GGWXNsrQzn-o7xRnTfpPgmtCmQcimMLEm74zqtAQPwCtSUBN97fpkKFAgKSqDvYfjLAtUNVmxBQR5rOb8cWvnv9U
x-bytefaas-execution-duration
3.52
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01cd233cfdd8e701a662e1cff02ec442d3a1a79073c5e334b7be3d6148fecad074c8674e476ebf362cfd131e582377b24ab117058b8f512d62e745fec95b45bf1a23b6ed92878eb9ac25103a81fecb89ffb03c51b8f4e0acac673aa1324994b9d5
x-origin-response-time
13,23.44.200.118
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Fri, 12 Jan 2024 04:19:52 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0475 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JCe9TRQ5ed2NceCVtKpdDfwlclE2IYoQPbDgh1ZyYJzo4Jwb63cVvc6EzOZIed
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
v3
id5-sync.com/gm/ 		698 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a9f66d205f7a63db598d796d9a0b758e3d3d7a16c1345671d5f342f87da4a2ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-21.iad66.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://vast.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 12 Jan 2024 04:19:52 GMT
via
1.1 1ffcb4016d0c1224c9505d74a866e6a8.cloudfront.net (CloudFront), 1.1 4f2fdf2ba20f9ce71aed4e27ec6e9ce2.cloudfront.net (CloudFront)
x-amz-apigw-id
RaKccGdODoEEmXw=
x-amz-cf-id
ym9BE3Y_2QZzY7_WGw4q4GL3k1V8fKMXgkjh81TqdxTpHqK9LggR4g==
x-amz-cf-pop
IAD61-P2 IAD66-C2
x-amzn-requestid
ed22ac4f-3e55-46e9-a8a1-3d87b3b52198
x-cache
Miss from cloudfront
/
geo.privacymanager.io/ 		30 B
605 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-21.iad66.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

Accept
application/json
Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 10:36:19 GMT
via
1.1 1ffcb4016d0c1224c9505d74a866e6a8.cloudfront.net (CloudFront), 1.1 4f2fdf2ba20f9ce71aed4e27ec6e9ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P2, IAD66-C2
age
63814
x-amzn-requestid
8206a1ee-16e2-4022-b7f9-8c82ff15cea3
x-amzn-trace-id
Root=1-659fc4a3-19229659326a342455a33923;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
RXupkGgWjoEEK2A=
content-length
30
x-amz-cf-id
Sfx3g1r_2LUupURbwnWyEMWmnAM4hG1vmuKiszfhsshrdLaPDfGI0g==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
container.html
9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8044 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 04:19:50 GMT
expires
Sat, 11 Jan 2025 04:19:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1458
check.analytics.rlcdn.com/check/ 		25 B
383 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1458
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-59.iad79.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:53 GMT
via
1.1 c208eb85ab071bce3678151b6fd6ca36.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C1
x-amzn-trace-id
Root=1-65a0bde9-50441653650ef34e530e080e
x-amzn-requestid
139be248-cab7-4309-89f4-d6e13ce37a5b
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
RaKceG5nDoEEeCw=
content-length
25
x-amz-cf-id
atSZ_y7XHtthXvY0ugDs9n6KqNnvRysZrwyG-w2fqQ0cId1Qe4U_dA==
1458
check.analytics.rlcdn.com/check/ 		25 B
383 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1458
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-59.iad79.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:53 GMT
via
1.1 c208eb85ab071bce3678151b6fd6ca36.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C1
x-amzn-trace-id
Root=1-65a0bde9-2ae5ff42006760e635e67d06
x-amzn-requestid
5eeded90-37d9-4e08-90bb-a6cfbf89ef99
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
RaKceGWFDoEEqgw=
content-length
25
x-amz-cf-id
Twi0qCI4K4aWrnCx2tUNNMTBjLWe8k2Hz3Pw_eEletklro03ws2UYA==
1458
check.analytics.rlcdn.com/check/ 		25 B
384 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1458
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-59.iad79.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:53 GMT
via
1.1 c208eb85ab071bce3678151b6fd6ca36.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C1
x-amzn-trace-id
Root=1-65a0bde9-5f51f3555d2cafba58b0b635
x-amzn-requestid
c01f6556-b21f-4f92-ba8c-3d73567dcb0d
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
RaKceGhjjoEEV_A=
content-length
25
x-amz-cf-id
YUuKD-b4KhvxV_-d4dNxAbCd6jgeEdmq0Si9NelaVzAdlUGmIM6O-A==
pixel
googleads.g.doubleclick.net/xbbe/ Frame E9BA 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNV7B4kCuQ_LvWC3HWCjcPy8a9RJtncwFZmGklitrr-56hI8oHJ23ISYW-fSKNPKtGjzlw4fZu4EZFeuvSMv1FHx7Z2fOQ
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 04:19:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 8044 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Origin
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:54:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 20:54:09 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/elements/html/ Frame 8044 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:26:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 20:26:38 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/ Frame 8044 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240111/r20110914/abg_lite_fy2021.js
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
32106
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:24:47 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 8044 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 8044 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A833 		1 KB
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
26070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 21:05:23 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 21:05:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 8044 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8044 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DJHprWAng-T-fgD_H_ZSTJp9i8MaGbfUSU2GV1G3ysb2HdChVNCseusmFgqGZEI2P6lcV-7of4moGy3Np2dlOYeX7JXmm3PQfRUpgo9dXKjbdkkRY
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 8044 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmqi_hrZZOesIyl7vJghX9Fmh3Oirwr2-fChuwOxDVFwNqVplrQ22aLNVCbIbeVTzXdSHBmJvn6wRf03TQL50UaQNbdg
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8044 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 04:19:53 GMT
pixel
protected-by.clarium.io/ Frame 8044 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31hjtublod&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIyNTI2Nzk2MTczL0dZVDVRTS9HWVQ1UU0tRERBLkIiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LWM0MmEzMjVjLWYxMWItNDI3Yy05YzY0LTg0ZWQ1YTIxZjZiOV8xXzJfYWQifX0%3D&cb=9224116&h=vast.gg&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.132.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-132-149.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E9BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELjhtYBjdRIrNzKKlqBHgHs&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELjhtYBjdRIrNzKKlqBHgHs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNV7B4kCuQ_LvWC3HWCjcPy8a9RJtncwFZmGklitrr-56hI8oHJ23ISYW-fSKNPKtGjzlw4fZu4EZFeuvSMv1FHx7Z2fOQ
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELjhtYBjdRIrNzKKlqBHgHs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E9BA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWZmZDhjYzMtOThmNy0yMWY3LWRhYmYtMDRiM2U1ODk5MTcz
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWZmZDhjYzMtOThmNy0yMWY3LWRhYmYtMDRiM2U1ODk5MTcz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNV7B4kCuQ_LvWC3HWCjcPy8a9RJtncwFZmGklitrr-56hI8oHJ23ISYW-fSKNPKtGjzlw4fZu4EZFeuvSMv1FHx7Z2fOQ
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 04:19:53 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWZmZDhjYzMtOThmNy0yMWY3LWRhYmYtMDRiM2U1ODk5MTcz
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame E9BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEA5hqtczpv3ycSyOPoz-ApE&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEA5hqtczpv3ycSyOPoz-ApE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNV7B4kCuQ_LvWC3HWCjcPy8a9RJtncwFZmGklitrr-56hI8oHJ23ISYW-fSKNPKtGjzlw4fZu4EZFeuvSMv1FHx7Z2fOQ
Protocol
H2
Server
23.56.163.154 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-154.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 12 Jan 2024 04:19:53 GMT
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEA5hqtczpv3ycSyOPoz-ApE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E9BA
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWMyZDk3OWEtNTU1OC00YTg4LTk5MTEtNTgxNzU2NTBiYTlj
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWMyZDk3OWEtNTU1OC00YTg4LTk5MTEtNTgxNzU2NTBiYTlj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGI3DtoICMAE&v=APEucNV7B4kCuQ_LvWC3HWCjcPy8a9RJtncwFZmGklitrr-56hI8oHJ23ISYW-fSKNPKtGjzlw4fZu4EZFeuvSMv1FHx7Z2fOQ
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWMyZDk3OWEtNTU1OC00YTg4LTk5MTEtNTgxNzU2NTBiYTlj
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Fri, 12 Jan 2024 04:19:53 GMT
pixel
cm.g.doubleclick.net/ Frame A833
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESECJK740dvOxZWFuFXpfDyrA&google_cver=1&google_push=AXcoOmTJBpuJXhsoValPljGLcfUc7XXozxdiejx9gMKDmgeIMXo2mgP2ronPZTsylW2J-a5-lD6kUINPxENc_YP868Hj4veeZgs
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=U051MXYwVVFESXkxTk5DdDhMMmdaUQ%3D%3D&google_push=AXcoOmTJBpuJXhsoValPljGLcfUc7XXozxdiejx9gMKDmgeIMXo2mgP2ronPZTsylW2J-a5-lD6kUINPxENc_...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=U051MXYwVVFESXkxTk5DdDhMMmdaUQ%3D%3D&google_push=AXcoOmTJBpuJXhsoValPljGLcfUc7XXozxdiejx9gMKDmgeIMXo2mgP2ronPZTsylW2J-a5-lD6kUINPxENc_YP868Hj4veeZgs
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:20:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 04:20:00 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=U051MXYwVVFESXkxTk5DdDhMMmdaUQ%3D%3D&google_push=AXcoOmTJBpuJXhsoValPljGLcfUc7XXozxdiejx9gMKDmgeIMXo2mgP2ronPZTsylW2J-a5-lD6kUINPxENc_YP868Hj4veeZgs
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
242
asr
aid.send.microad.jp/g/ Frame A833 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEIP9qPk35OAqrTOE0ntI55E&google_cver=1&google_push=AXcoOmT5exP6iJK_rwTdo7y8MdfUzaSRwGBWXCmJCcoZK2dPRzAn6wgIZoqtsJlWwbOIiWOGe19nH_tQoMKfch3vnfNwvweqSp4
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 04:19:57 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
/
s.uuidksinc.net/match/47/ Frame A833 		0
0
pixel
cm.g.doubleclick.net/ Frame A833
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAog_9dXSkEdAMDPnKFfrro&google_cver=1&google_push=AXcoOmSEz2MvbfFBixAmzrffcSZiX7OI_WyobRZIic-Z4_wZ-d4yoc-QDXJMhMQnYHHSN0M7ubt5b8bAHGk_x...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSEz2MvbfFBixAmzrffcSZiX7OI_WyobRZIic-Z4_wZ-d4yoc-QDXJMhMQnYHHSN0M7ubt5b8bAHGk_xr3lXAsnuVBXsy8&google_hm=VnJvUy1hcC1rRVkzamVFO...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSEz2MvbfFBixAmzrffcSZiX7OI_WyobRZIic-Z4_wZ-d4yoc-QDXJMhMQnYHHSN0M7ubt5b8bAHGk_xr3lXAsnuVBXsy8&google_hm=VnJvUy1hcC1rRVkzamVFOHZQVHk=
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:53 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSEz2MvbfFBixAmzrffcSZiX7OI_WyobRZIic-Z4_wZ-d4yoc-QDXJMhMQnYHHSN0M7ubt5b8bAHGk_xr3lXAsnuVBXsy8&google_hm=VnJvUy1hcC1rRVkzamVFOHZQVHk=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A833
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEARUKutxzVdc_T-Yq40F7o0&google_cver=1&google_push=AXcoOmSpfBgtUqZFkx5MWAr4hYXeiNESc1y9xfMLiWvsAKUKuJ1-76uB4KTAQ6r2_7gM1ZkrpSTIzrC0e0gGLyHGylNCNx...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEARUKutxzVdc_T-Yq40F7o0&google_cver=1&google_push=AXcoOmSpfBgtUqZFkx5MWAr4hYXeiNESc1y9xfMLiWvsAKUKuJ1-76uB4KTAQ6r2_7gM1ZkrpSTIzrC0e0gGLyHG...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PkYR0nTRTi-h1MRl-EMrkw&google_push=AXcoOmSpfBgtUqZFkx5MWAr4hYXeiNESc1y9xfMLiWvsAKUKuJ1-76uB4KTAQ6r2_7gM1ZkrpSTIzrC0e0gGLyH...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PkYR0nTRTi-h1MRl-EMrkw&google_push=AXcoOmSpfBgtUqZFkx5MWAr4hYXeiNESc1y9xfMLiWvsAKUKuJ1-76uB4KTAQ6r2_7gM1ZkrpSTIzrC0e0gGLyHGylNCNxWBwg
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PkYR0nTRTi-h1MRl-EMrkw&google_push=AXcoOmSpfBgtUqZFkx5MWAr4hYXeiNESc1y9xfMLiWvsAKUKuJ1-76uB4KTAQ6r2_7gM1ZkrpSTIzrC0e0gGLyHGylNCNxWBwg
access-control-allow-origin
*
date
Fri, 12 Jan 2024 04:19:56 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame A833
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEGEiHR1fgAXUuFyLK2naxz4&google_cver=1&google_push=AXcoOmRSRf8jFAHi2s2kcfdFHGjXS2Hil779C9JxvKfHHwLOu_CLpvIUN7EyhGfnHeMKlQ_9gC-_6P8CD8CS3NSYPZUkOephGbk
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmRSRf8jFAHi2s2kcfdFHGjXS2Hil779C9JxvKfHHwLOu_CLpvIUN7EyhGfnHeMKlQ_9gC-_6P8CD8CS3NSYPZUkOephGbk&google_hm=5c2706b8679c7315b36d...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmRSRf8jFAHi2s2kcfdFHGjXS2Hil779C9JxvKfHHwLOu_CLpvIUN7EyhGfnHeMKlQ_9gC-_6P8CD8CS3NSYPZUkOephGbk&google_hm=5c2706b8679c7315b36d158e4439434f
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmRSRf8jFAHi2s2kcfdFHGjXS2Hil779C9JxvKfHHwLOu_CLpvIUN7EyhGfnHeMKlQ_9gC-_6P8CD8CS3NSYPZUkOephGbk&google_hm=5c2706b8679c7315b36d158e4439434f
date
Fri, 12 Jan 2024 04:19:56 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame A833
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAMCU0nyVWeOKaK9A9Pk3Tc&google_cver=1&google_push=AXcoOmSbOsj_nC5lpr3dSCHX7PQYgs9P03zzgw5n0qlpng-h-WGjLnqfJCQGY5eWCar...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSbOsj_nC5lpr3dSCHX7PQYgs9P03zzgw5n0qlpng-h-WGjLnqfJCQGY5eWCartw6VieRSYdPiL9mzuKbbF3osxawNKLhg
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSbOsj_nC5lpr3dSCHX7PQYgs9P03zzgw5n0qlpng-h-WGjLnqfJCQGY5eWCartw6VieRSYdPiL9mzuKbbF3osxawNKLhg
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
333725d2
date
Fri, 12 Jan 2024 04:19:53 GMT
x-bytefaas-request-id
202401120419531FBC4A79743D812D4A28
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2401120419531FBC4A79743D812D4A28-70D473B7B938AAB8-00
x-cache
TCP_MISS from a23-44-200-118.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
server-timing
inner; dur=7, cdn-cache; desc=MISS, edge; dur=0, origin; dur=16
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202401120419531FBC4A79743D812D4A28
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSbOsj_nC5lpr3dSCHX7PQYgs9P03zzgw5n0qlpng-h-WGjLnqfJCQGY5eWCartw6VieRSYdPiL9mzuKbbF3osxawNKLhg
x-bytefaas-execution-duration
4.81
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01cd233cfdd8e701a662e1cff02ec442d3a1a79073c5e334b7be3d6148fecad0744a9d7ea7ae9867dacf4f25332999eb9be1b4535690d5bbc38618d1920aa8d164a06a5ed41cdcfe770d8816f8b9fad64ef0e75416cf8d2d7acbd306fa050617a5
x-origin-response-time
16,23.44.200.118
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Fri, 12 Jan 2024 04:19:53 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A833 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IVews7MgCZrw0iTw9GZq4x8b8uTyq9TFU8h7mYPz2kfmMkS4yUkxivNPX01jcOPwpkhUTDGA
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://id5-sync.com/i/1013/8.gif?id5id=ID5*UJvnDwYyCQrYnTFGeQSn6X_uHF2N6PMUaZXvNiTKsTZ7-VRAquhBE7gm7-mS3l4ae_ohJ3i3Tc6R8YZzHBvWeA&o=api&gdpr_consent=undefined&gdpr=false
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=eed2eaaf-00bb-4420-a928-2f23eaabab2e&ttl=%%TTL%%
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F434%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/1013/434/6/3.gif?puid=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F441%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/1013/441/5/4.gif?puid=u_ac3e278b-a86d-4c4c-b4a7-51172b398120&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/1013/2/4/5.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/1013/2/4/5.gif?puid=1554685320975062049&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F429%2F3%2F6.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/1013/429/3/6.gif?puid=B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/1013/112/2/7.gif?puid=318D3361E203BB5&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1013%2F108%2F1%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_co...
  • https://id5-sync.com/c/1013/108/1/8.gif?puid=b864f3c7-a81f-4837-ab77-1c63f50731ac&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=MzE4RDMzNjFFMjAzQkI1&gdpr=0&gdpr_consent=&id5=ID5-a6f3N5-INukwsHpIqSbVTkOdYbxFcihYOG4KFWcwCg
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEPy32b9mIh9cLr1SDscyPNA&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-a6f3N5-INukwsHpIqSbVTkOdYbxFcihYOG4KFWcwCg&...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
70 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:57 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:57 GMT
Frontend-ID
0
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
encrypt
esp.rtbhouse.com/ 		221 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
ee0004548e9a288ee74ca03ef03df7a7959490b994895c1b02df8939c677c01e

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:54 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
dacc4c5a779147a6296a4f8f42f0c173
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ats.js
ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ 		237 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ats.js
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-112.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f5e46d3c495f28b880fcac560de23397293f568f592f72088996c47531e7d9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
R_k3mg5rG.lCrREw080wnntqh2BAifJ0
content-encoding
gzip
via
1.1 03c6bb07a0ba5f6bce71fe21ae4e3d78.cloudfront.net (CloudFront)
date
Fri, 12 Jan 2024 03:51:32 GMT
last-modified
Thu, 14 Dec 2023 12:30:45 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C2
age
1702
x-amz-server-side-encryption
AES256
etag
W/"e3587c47c2cfe21469f04f0666755f63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
Wdmoh8YwLOadl9uqkzTuoSRkJNKg5ucZBUoVOXoKCVppMl_6oes3Sw==
/
geo.privacymanager.io/ 		30 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-21.iad66.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 10:36:19 GMT
via
1.1 1ffcb4016d0c1224c9505d74a866e6a8.cloudfront.net (CloudFront), 1.1 4f2fdf2ba20f9ce71aed4e27ec6e9ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P2, IAD66-C2
age
63814
x-amzn-requestid
8206a1ee-16e2-4022-b7f9-8c82ff15cea3
x-amzn-trace-id
Root=1-659fc4a3-19229659326a342455a33923;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
RXupkGgWjoEEK2A=
content-length
30
x-amz-cf-id
9WK3OQDfQrOMem33VakN-q3_t9CtkV-8nTfN82QrJd7DklLNpIISSw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ 		30 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-21.iad66.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 10:36:19 GMT
via
1.1 1ffcb4016d0c1224c9505d74a866e6a8.cloudfront.net (CloudFront), 1.1 4f2fdf2ba20f9ce71aed4e27ec6e9ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P2, IAD66-C2
age
63814
x-amzn-requestid
8206a1ee-16e2-4022-b7f9-8c82ff15cea3
x-amzn-trace-id
Root=1-659fc4a3-19229659326a342455a33923;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
RXupkGgWjoEEK2A=
content-length
30
x-amz-cf-id
b_FLaVQwe3Q04QoXtMiK5T6otgV_dLFj-2aUJ7zIRsfGF3kz9HEZfg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
FFXIV_FreeTrial_160x600_Monsters.html
s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/ Frame AB0D 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
6279dfc2219d1b2702c0940c21fcddd29c753d972757395b709616233f18808f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
113050
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2349
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 20:55:43 GMT
expires
Thu, 09 Jan 2025 20:55:43 GMT
last-modified
Fri, 24 Mar 2023 18:34:56 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 33DD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsucVD-Nuc67i4vueItTWPPuY63eG63i3ly8quzwrgvutX3JpU-YbpfSrdglSQ0X8ojUz5H61z1rAagRCUTv6rnZ0yS76vitdbAQL-QH0h8gA_rDhJHUwqEdEqYvv374X1Rd3QMw6-8CERxhpCjvNGOFv4ACgzP0bZ414SNZ3tmZDVo7it_S66FGTDZuLrcOVBhFPljUC8fZ1imw_s7O5lxIUzHhzMYHOA-S0AZzosHM6VPbbpjruna-kkAF8FB8R8kaZ4byJpsiW1TZyAkoS_A2YpQRO80RGpdlDroxWrtm54eDWv5FlNdDFTe_VdniqBjR23miWiDlB9eiZQOgT-QpFPcSt6jP6SapIFlev99jP0NFMzNvjOrYpLPHqW7SeXLhTksKQJBTSomcZv5MVTb6fYbWvFdyzSDJ7eLtV2D5XGxiCuIqc5YrdEAtjLT4sB8ZI0RGgD6DCP8ji48Arq4FSGCCVTBMuWCfZSDpF30O8i4tHkH6NWH0z9DRMIygwMqFTgreUnJ2x3kRMm3K8DAt8XdhWlIcpcxlGrhfBtC1hVy14TQxbRFWI4zwMtnI4ju6poPJ2JWAhU9MGeOFH3-jPT2q6w5Obfxw7-N8X-4MU_dKA11hVhCh_KxnUKSIWxKEOBz7CzJeZx2zEPG2OzgwP1La0zXj3KUi9Btf3DcwMBfeWKsNAPwsEe-9l8t-UeRnDPiFWcMk9ghn5w8Ucz-PqcfWEzBh10pwU_wS63qvG5nD618Z8JqBCmHnXpMhwrDRRx0duC9PPxvqvhLO4ZlCh1CvCnT-0aaTJwA5QclKGNtK80VyO3yAVnWpHceNSioURwMEgSJ4OBOUL4G_IOmV_tVfY9ckFuJsNXZCDkshxbmQKp0bHQ-qaKkZERM0JpTRM0VNxnr5XN_6zmyWTKe_khCAsGXAY3PGzG-gezTXWVphywVHEpWT_GffPGuWWsSnxgzCkvZLShjhCoF6I5bbPpzy4efsEWCBL0h6bb4TpIeiFN78fAikY-4PtWp62rsBmnwNDwsSAYpcmwB_7-fy6xK4CBd22VzP9jWRe6sErDCPBOMPQut_YAtKLRJLMYznTnXcrHS0AxgzzomPgQQ3eIRV8UrrGzH3WhoYdq6dbmwEr7PIP40XTvllmhRawxcePyBNYsg5_upcraoiJRo3YbJZL_nK0TKHOLElr8Vt6EtQKWQMoKlsxMo_eRq3g6UsOugkfAPfRtG_aDVL2JbhOrkbKtzQXxL5jnqdX3WpyDwIg7HAoB8wTsIDGoEs6NlP0OgCqSFnEWXhgc6EOYIt6Uzk-KroRF9nIhnmzov2nhNRUmo-rZAb5W2L_FIQGOMRBDA06hd9YEakgTO6FSFCp6wfyhzip2L88jFhBtfDCl1I0dyDRHDrwY4DGci45Sng31unlK250htheaN9MKzCu3709gYuX_cOXdPATEA&sai=AMfl-YRvf1rND1HZO5WduKvUfG9O41E9Tj-CmEWB8VNTKe4tUmZaE0ipYarl7RRN1ENnRyus_nrxnGXLkaASMeXOfl1RVkT86PjA5xsmCLfmFSArF6HpdnKl2cnEnHt8htoQO-wLH58ri86t4OXOXoj_bMugfUNHD712ZNsX16gR6hnlSGM75Av7gzSZkR2Pie-EyG47YCGCxQ05nLQXV9gp323oEXEGb44nGwBtE1gzXO_JQIiZ4w2n3diyspGwZEtaAqi0H944tBxpchz-9Npya8A4luDJwZtrA1454Y9ZFFcpLqZphTKsHOzZKLIa9hUyKeTwNKRYclDk1qyqS4TabGYbMZmPuCOZ3QtreFbev9ASkKmdW-TXf1qqPMv8HVuu_x6EWuzlDEw9_WFNsvNTMlGQZgeGMg8kwaT7U6ocVZ0&sig=Cg0ArKJSzDtWzhP-_dJzEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maW5hbGZhbnRhc3l4aXYuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2028&cbvp=1&cstd=2024&cisv=r20240111.68116&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 04:19:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
m.js
ctxtfl.com/scripts/js/ Frame 7E91 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=2085379033&adv=12410607&buy=30748971&cid=207503594&pid=384621254&ok=ok
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.99.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd79d39bc5e9e5d6898da2b2cf9cdc96da75a6489620de005eacedc1a3376a8c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:55 GMT
via
1.1 google
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cx-browser-cache-status
SKIP
cx-edge-cache-status
SKIP
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 12 Jan 2024 04:19:55 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fP8cfaLcUr8DMzkAfWJvSxcwbqLUyV7UwNED%2B4ew8o37IuslyPz832H1aXsp8lVX3BuXNjLKiMZT8vkX8grxIntleHw4Mf1eajv7CFiPEeRV%2BJF%2Fd5ZxmxWthjRx"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
84429a9ce83442b2-EWR
index.html
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
fb502d2699fa1cc395b0490349ddfe62598a52ad2889b3e1f6418328ddd4075d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
142067
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4670
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 12:52:06 GMT
expires
Thu, 09 Jan 2025 12:52:06 GMT
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 7E91 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu6aVDU5wJX1jv35gXsjwq11NNJFgfsa3qwCm4U6G5N_0Ie72eOSzZpR7CbmUrxlf7NWK-mLUlKtD1lvvWi6a_Dwym1TJjID_kzFbLF3xUvqlgrNSt7AggzeiBYHcphPIConX2v53IE-6qXpvgLUpkaz-3MzJAsJhojlckA6lIsh5L9AN7wPoBw95HdrxirZMW5axIJ-3aZ2KIMaBwT6qhIXjWS_9dVK6jbPjq0KtFficUEf6mTkXjEb8pmqS12DQ9STF3glnzGXcRGDK1UorI7qi4FTStwp7dvh1rMdvK1jdEiGIRI4jih6dp5q2l04pzYIUVssZyyVl4yr8d60lw_iP5vS1JulX26Vh229-1utFANlYnJ3bhryEb7CckL8TiBpZaXMHVsYuFMXO1ix7NYoFWTziVZwbM2Guo2CMkpy8MvAHzwL8ciZ9ui30UmSxgf6lLS7bREoFDIAoNPc38W92B7BglkcSLM27ustsfBiZeP8Z_U0z_YYmu3dGS7Vm73vldZgRIb9XdU4iVkbXX_6b3K5WJ7Sv7Lj8TSUPWR-OjZ7UlxKxhNHD1M-vWM-8vu0tA4x2qQc9HF6Zihk-XwsdY_n_Ext8Gz0dwRugwe0G0hFllbHSVq-asFJWMGLziQ6fbjWHr-ZmPmXuXF5tyE3WV8KrMAMj2Q1mlb2xFM9i27dvRiO8oeM5Av3Lh5Z2D8zX-kfC72LjZk47sp8BZkCy1g5eVYNCIFF5lKp3-UpQaPsli8YwW7o_FwlUQjO4AWwoUEVSnn52Fxea-act2aiEYNzewZLcY4cnoNbUjsIWbDNi6EwAi9SI4GJsjFaJn2fTLJ9NIfVaT2zQF-H5XUta_J7AaSpc4RVnK--0zkjFDbh33Utl3jcuUZZf2B9-qJUBLmWl83iSAz8H6Nno6FLaVvD3O_j3yN_VNMmM1KGkKSh9EPxH3vZgscbk41rtbVWH_yzntxTQ84umK2nuqg987-fWvDN82orMEv6FDZ5sWYvGXO0dFS6FVNe4E8nFcGKx-0lnjTz7eZTXkYIF7a2N4JXnO_RO0aElJUVYdmcHJomJFQdcdWngIs3B59jrsfIdMCKAEM4mmmgxg57LbXlT7LYbjdViYzceQQ9hE-ThvjeEdbEwXQWHUwcuLQHdlUDYq7x6DjIhXcV3gGwe87ex5nFUDuLYBbaoqQSBXtPXZrGkImdd0oQ4wIXDZ6T5mcrQc6q9XXwRAbY-PKTtYJA-C6nHePatXaGsTrVKUaTJe-ZTBhVOMYziRx_svnSoFCxNrHOemSt4PHreDkbgczg9Nb0JLFDPdI1bHegAtHUStUnyGWUxC9mo_ftdWanKfKbMkEpCz5GkszHIWDQzKyW92SQCVUIx98l8aoKjrsgHj2ku_J-VgYj-4vZLf-FAsUsdBaXb9LS7Rfqu3iCECn-71pzQcWejrjGOpK9B87vuc0ZYwLGs0sueEg5yLonzV2O9w&sai=AMfl-YTpppeu7boIXfRnPvzeyO7TZAMqjlMSJGZUGhCRq4LwFlZfjm0TYvuESd24kMq-BRFTUMhaFGa6L9GD5VvUHskca2hPhOHhXJR__ql0cmhRMW3PHcmGrBLkvoK-V0Ub0YhlHOBsd6M-FBiBRJOx_dQbV_gBzNKYqI5VQ38tuU9H8X2ivNgtsRuwDW7Lqh-qrzIZRUHr-4di8dq8Q6JCIqzGYYbyuogNl5-eQVQVNYJn8iYMoEUE4AjtrhghiGbZ3xV8C5QFhkJ48bXITSzL3ELuLay_xz9_k9KZi9S2o9oHPBLm_8RCZTVlenuinyTeZ_dYX8q9-90HJpCLfbSBrEWP3i9pRE2eo-lWXQ_AtkhzqWwRz2wWdmUFKsfyh1DVmJuIUCCO4vkVT-AZIvucPRXr_PRnTrmfamJ9XlOfsucEcr-_p3A&sig=Cg0ArKJSzOe-TcQS8mrKEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tZXRyby5jYQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1169&cbvp=1&cstd=1168&cisv=r20240111.72996&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 04:19:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
m.js
ctxtfl.com/scripts/js/ Frame 8044 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=2876264517&adv=12410607&buy=30748971&cid=207503594&pid=384621254&ok=ok
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.99.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6723b8bbe92c15e18929286fe011894f8ef9acc7837c54bd2b04420b3fbff6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:55 GMT
via
1.1 google
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cx-browser-cache-status
SKIP
cx-edge-cache-status
SKIP
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 12 Jan 2024 04:19:55 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJQDkM34Lct5%2FNGztiPgMzN92Y%2FDfOeyrXuFk9nxDOImlbODKOgzgg%2FXTPYdz7JgtUleRaBcec20vL2%2BRp0X%2Bb4R%2FmUlA1v5Q5mx66b%2BQR5udlCJZoJUEP4d4uXT"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
84429a9ce83042b2-EWR
index.html
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
fb502d2699fa1cc395b0490349ddfe62598a52ad2889b3e1f6418328ddd4075d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
142067
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4670
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 12:52:06 GMT
expires
Thu, 09 Jan 2025 12:52:06 GMT
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 8044 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstD5C3_EUkuyN8CWZAsqZt8vRPOByhXgJKxlurDZ2KUCrckD5C7Gg6GKt8g6w4s5HCftYyK5-09iJ9H1kJrMbyQCguEt2KVDJ_z5XBUc3DZbVQAKHxrhCa41KhKpghUBQx-HdDpndXjz5vfkeqwiu3QR0KWfgwPwQETmoNmujCyFol9HMiyBR1ZfDSi4-EV8FOl8Jmg4sTSc1xWrTO26VeIBGt4O_Ux_X5z7RwjsDeBzIUiYqC4EcTsceIbxuuYfa2Rmo2eROhwHkoRSOLfadVg_9K8sPHAUC2VDu2c6rwYHl1ykVmv61afasZvXr9YeQxhsdlm8wNm_5Z7Aquq84-wsshooTNfhCdFsOU4y1LkQtB5xHfvm0ifAu8tduwaJfTKbY3uKOnIsavPTObJri9Jc94slGiwXht_ctbtU7QteBlWFR94jr0MXw66mIkOEOwLDV_nJHdHZf6YIE9x8MYdzwB23A3Le6jLbuAVVEyRJZDW_KBYzpoBgxH3h4EK96PLUF-Nghrv5MMT_5wy8Qdku0l7RM9fD-0-JbZKAIOFbA2D3_74FRMlyazrxlGzzWDdngMENTM1J-flEADk9sV-kUL3zxZZIqQzs2uNNHbkxoSpAvNu_yA4ZetHGPOgVf7nLpOxE_Z4TymxIH_KiIpC_MLreOEUxwxebp2sHAqel72IUDUnjr2aTLoUVodeYxn2KwjvgLaa0b5_rDE8GKihacoFjDNElBgvBCmvhlmvvShi_m6BM5iSO8v2jj-TqP_CjwvOvPF8bA6bRF3jrDF8h5g_fmRx9Tbb_yo1r-geU6WOQhSFDh4FZLaK75DBCwpa1nR1E0IqhxTHwHRE4s8urLzZG0pJrcDB9UGSu6tR37ABmPHEcKyzXbTGy9NFOPocSM1BvZAu1j_D8GH8Zg-y4RTu-MKehzSsIr9tYYJxjdYE4jipQ2cAwXLHqk_ihiNxtov1oGdLh46sha3JdEGkczEODVE1gIqnKS88LK_IC5mC2H9PoByAPDdMSUXXZZ-MO-XuPBZhGM3MmRrklxMiO1FIWemmC2ty5qork0V31XTsuk5zxaQv-x7WRnVUn0jWfrSNJFn0KathiHqBkVlHf7XewD7HW1h2sXO9PVCPdPLcud13Kg6ok29LIMKx0ACoqhwZr58qA-teZOrJmrnwJRIVWTvQW_Ma2g9g5TLQI1K8RtHW46C3IODqt0xTHvqwvuu3VGVXDyENXUqT1d_f5xvJJ10XYNOLQbiU3B82BSiABoGBpOW_O97kUyKrLzCWd4K_h4GvWdTvo-8P_SxHuTfbA9836ZkCmdXrgrQajC38wTEFnvohS4ZQWq7Hhl_YiMk5qSQnrQZMpu4nQCl3qCAkDg2FjJeLkv19ed93kC5-IIKRzKO33XtITPfoX4CF08yv4gRDfAPI_WxyswaH9l62K6b7Sb5xkh-7oBYjEVaqYw&sai=AMfl-YQikGoKPzrMIrZBFiqifWMvzubpTH0v70eNqurLnrYa657YhyY6MDA8dJgYlvafOZMIZu0kKsU154R9QE7ni7aykmW8TdywbU4yumF98aW2Luur-rl5EX1AefDGe6nWZ-TWQQzV0pn6qShdU9gPCgCbQl2GocvkIYwF697U_fIe78sNyrNz8s2FZkkZRaGCRiNtaC7_c5Q3gAAWqFMvso2tW4rII6jq9kwes_Kg9EX8-yC4Ovzs4x4d0qxa2yxZ6byK9RtZItYf-yDOcQmzOpfQxqCYBHjJdP-hxcLD1jS72dbH37VR7FkNieOPb0_-bC2_U0FyDbvPPT8oeR5hMYU5G1gKRVPMlYGY__CFxgsBdT4TlVOxdZ80x0u1ZBQhnRURFjC8OLbElq7Fl0AaqCPtMENc1Q8lKQxbN2vhmpH7O2vCMJU&sig=Cg0ArKJSzOnkvB5p3nJJEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tZXRyby5jYQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=394&cbvp=1&cstd=393&cisv=r20240111.95088&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 04:19:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
m.js
ctxtfl.com/scripts/js/ Frame 0DC8 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=2277160852&adv=12410607&buy=30748971&cid=207503594&pid=384621254&ok=ok
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.99.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a03e4413a20d56938a865bf3d1adb366545e9a2477556cc0b41a2d79d8e4f5d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:55 GMT
via
1.1 google
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cx-browser-cache-status
SKIP
cx-edge-cache-status
SKIP
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 12 Jan 2024 04:19:55 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2B%2BtXIlPDK0TSi5lC%2FE9%2FQ%2B8C9CuIr4%2BvhUrIvY0GIBXJ%2FaBDp4EgYjDSH3QgKhVFTSvhgn5Mk4tq9WzsDnBAQM063kzDTWBZYuvTf9ugbujv762ORyBRCgakwtP"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
84429a9ce83342b2-EWR
index.html
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
fb502d2699fa1cc395b0490349ddfe62598a52ad2889b3e1f6418328ddd4075d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
142067
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4670
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 12:52:06 GMT
expires
Thu, 09 Jan 2025 12:52:06 GMT
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 0DC8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssiUlCOOXcpgl0tzOrABnNUwKMwRrqHaQopletxKesUKKPH-R73B-PLKLprBzAmjEmguTS5pjwzy1KWnRb4DvF_2AQ7RqMYGg0QR5WQBNMN-1nJGl1XMYpVWz2o78iH-cxJe8kdodFoQgwgxfzkXRkLalihJVCe46VD3Ii2nlW8CYH5TYcB2WJ6P2GVDJcr7xyn3v-MhtwMQmXaiq9WpQaPYYN2KER75yZ6hYAHFWaH3MeGMm5hogdqT4qv9ryVxfPBlmZD8I50kjwgLKsCb-WCEJpIQBp223t2wlScNGwOiUulNF9ri7drpPVWdqowfEFviwRvlGhu22HURDvG4BtyRzRWhHgZ5Yjn-8gUlIt_AtSQwfL9BbhIQXp30H8ANM85DvSXzQWlY4FyN9ouy3hrHjQ43nEoMu_YvcOVtpOF3F6V9yz9RmQyPabuiaNhOtcs60dz1nrZkLwWWhCyjf5n1yoc6uO1XmaB-wdctWHRtk6pdLwTfDcHtV2_krEU7HNxx5F_KjA06ZE-5Mvb4RHsFGNwlGRgX-Hk1OrnPf1cH23LpYshAJcITMKfTQ4KbhzuRY_JadiCfGigsg_UPabkh29AIcoS3nxh03BHwFz79W66ifbrxLSFtSo1WH-Y18qodSi9dniRD_jKtWw1C1LjJoKqZdQwFer85VZxskat8cVzH3TflDVQVbVh00COLX5p3Et3zvkGsX39W1HtL2yT61uhY5x_WxjYwTYLu54thC2MkPRwcO8mGQQzfZ1Dy3orazU1f1isJ7XMXknC9g4DMAtQ12SEFYFJbUe--E_CPBsDQuJJwCmYl6P3W7lxJtH6jVER7U8KIdnw9LTGC4EVGDArQ6-425iEe0QXazmMDdY6thx5rXIspI8chCgB_Wjxw24Ed2JaQM_9xD3PRaAF9dLMrtWe_te5YcNrxC3eAKvb9CZo3n3JfD8VX_k67cljiLJMb6TCNAXjgwlrqOFnhqqn6Wnt7VYaiBFaAAlRdHrBo_EXfjmOBOL3I0RXjghaeoJEgZ_HO1SSD9cW40WNrHIkGrun0VvFjURp-kAQ_kgHXDayrsZJljWwmZJYMK8wW5M5Sd3JLJK9hs177G_UeVZn8Kr88ySBX0VwnXC8XJ1WuBlhGWUNjYqsuUk8KUWCwUy0rcY9GbO5t5cdV0h6pMV735cS9CEIax3y8E7oNSQaxUfPFCUI1CS-UhK6fHU28NHaILlK2eMDxij5yXrkmxup7LIXM766wtqsY7P4fUuYmnEjBWpw7dylu6y6pCRRtl8BRJYDJl9W6ck4ZSku_4DyTRq8hVQ_clG3RFhsQLl0psaf1YyX7LTTXxuNny5tuQUrj9BXwnSFO-JjVhwLCrRqTqhGTKZl6broUROnNFXPUGMVtin2QN3N7tQ2kCzNVU1zCBf0-FmmxuUMrtJLO4F4-eGrZWQ5gdQpCOLHu-fEJzxV8que_yL90fAexuLgs0hOkTRN&sai=AMfl-YSRVnZF0bvBIpkTc4zfUtEfhwd9vZfI7CPMywCKE1kizHBMs8KkagTehjpf0-bs5sjuNglqTQGwZo5kPwiGx9_UU9J49J0BYcC211kShRkz73TAinziAgitJhxOQGqsGYZ_kZNe1zqpQiODmDwsNg5Z6ffFiswamzvgF71aT8ExOgMwOiXfD0FO7M8OV45zwNrwsN1ue0PUv4AKBtrJtS9xRUQ7tmnZF7wQKHw7LWLxoTuL0gRiwFeBjlzLT19HcYWI7gX6nRfbklDGoIKSH2jNimKn6awLq3NjU2xY39fKl_py2QNPeWvpCK6gNxd2GigDupp9z3sd9Dwg_17lpRh4HoVU2Y6GH5Vm0yZLKVapKOCJRotjptoFcPLEbtDkgiqVuMQVcFffq8dt0m23ylO48XX2ZQfP9pOLqkuu7tQC61CtIAhmXWs&sig=Cg0ArKJSzE4r2YpYGz_nEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tZXRyby5jYQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1801&cbvp=1&cstd=1800&cisv=r20240111.45347&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 04:19:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid
id5-sync.com/api/config/ 		136 B
408 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
2aa25a19729df7b573f42c20a108d4ec213403df5ac193414f02f35887e7017c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		108 B
704 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=2jqw284&fmt=json
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
d13067db4d0855823e530e1f3d3e20be24a2b820dfe4eeb3d47c757ae9da39fe

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 04:19:53 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vast.gg
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 11 Feb 2024 04:19:53 GMT
envelope
api.rlcdn.com/api/identity/ 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8328 		0
0
2000033.html
sync.serverbid.com/ss/ Frame AB69 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2000033.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-63.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e6ee3a660e14eda56fc4ec4bc845220a52ce5cbb9c44c164e7e881a46b49bc9

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
72757
content-encoding
br
content-type
text/html
date
Thu, 11 Jan 2024 08:07:18 GMT
etag
W/"e3980f93156a3a26afc34d0acdc0bf4a"
last-modified
Wed, 10 Jan 2024 14:00:50 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2db4851b6d360f79d8bbeb4eae3c9eb6.cloudfront.net (CloudFront)
x-amz-cf-id
eWRjCjCDPu45Ulej7fnbLgMkfVv4t7gX1d_FMa55e5S9toEjMHmPZQ==
x-amz-cf-pop
IAD55-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
isyn
sync.a-mo.net/ Frame 24F8 		0
0
usync.html
eus.rubiconproject.com/ Frame 79DE 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Jan 2024 04:19:57 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
sync.cootlogix.com/api/sync/iframe/ Frame A2A2 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.118.170 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
97b53eae34b187915eacef88c433919a80cfd52458db594f7ad7b873f9c42819

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
1295
content-type
text/html
date
Fri, 12 Jan 2024 04:19:55 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
sync
eb2.3lift.com/ Frame 4EEF 		0
0
pbcas
ads.yieldmo.com/ Frame C5DF 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.181.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-181-88.compute-1.amazonaws.com
Software
/
Resource Hash
0c09f8c52e2557da7ade85e2c3dd7275a2699e10bf742366fcda7a847202d2f0

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Fri, 12 Jan 2024 04:19:53 GMT
pragma
no-cache
vary
accept-encoding
usersync
usersync.gumgum.com/ Frame 2EE9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=4444335064546968693&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=4444335064546968693&gdpr=0&gdpr_consent=
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Jan 2024 04:20:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 12 Jan 2024 04:19:53 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=4444335064546968693&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
checksync.php
contextual.media.net/ Frame A120 		35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C157%2C2028%2C159%2C2026%2C117%2C437%2C97%2C99%2C56%2C59%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3d5982410bd5a8c058505849bd7d872cd1a1cc4c1d8c2eb3bef3d2c269e54bb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
11685
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 04:19:53 GMT
expires
Sun, 14 Jan 2024 04:19:53 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 4A12 		0
0
usersync
usersync.gumgum.com/ Frame E708
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=eed2eaaf-00bb-4420-a928-2f23eaabab2e
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=eed2eaaf-00bb-4420-a928-2f23eaabab2e
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://vast.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Jan 2024 04:20:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Fri, 12 Jan 2024 04:19:53 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=eed2eaaf-00bb-4420-a928-2f23eaabab2e
server
Kestrel
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=F92ol66bVqpfoy5HdaC5PLnVUPQ
49 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=F92ol66bVqpfoy5HdaC5PLnVUPQ
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:57 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-184
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=F92ol66bVqpfoy5HdaC5PLnVUPQ
Date
Fri, 12 Jan 2024 04:19:57 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=s0hGJT2UhZxkdz_RIUaYOqtQMLtoxVNdAMhx-d0beh0&pi=sonobi&tc=1
49 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=s0hGJT2UhZxkdz_RIUaYOqtQMLtoxVNdAMhx-d0beh0&pi=sonobi&tc=1
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:54 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-184
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=s0hGJT2UhZxkdz_RIUaYOqtQMLtoxVNdAMhx-d0beh0&pi=sonobi&tc=1
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:54 GMT, Fri, 12 Jan 2024 04:19:54 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4ba74d4dae&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=eed2eaaf-00bb-4420-a928-2f23eaabab2e&pubid=4ba74d4dae
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b864f3c7-a81f-4837-ab77-1c63f50731ac%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=eed2eaaf-00bb-4420-a928-2f23eaabab2e&ttd_puid=b864f3c7-a81f-4837-ab77-1c63f50731ac%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=eed2eaaf-00bb-4420-a928-2f23eaabab2e&ttd_puid=b864f3c7-a81f-4837-ab77-1c63f50731ac%2C%2C
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:54 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=eed2eaaf-00bb-4420-a928-2f23eaabab2e&ttd_puid=b864f3c7-a81f-4837-ab77-1c63f50731ac%2C%2C
date
Fri, 12 Jan 2024 04:19:54 GMT
server
Kestrel
content-length
359
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=3729807522428374301
49 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=3729807522428374301
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:54 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-184
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=3729807522428374301
Date
Fri, 12 Jan 2024 04:19:53 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vast.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 04:19:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cs
cs-server-s2s.yellowblue.io/ Frame C5DF
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzU0RjYwMzMtRUYyNi00NUQ5LUJGMTctQzkwNjFBRDUyMDEz&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:54 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.yieldmo.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3
date
Fri, 12 Jan 2024 04:19:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
rmpssp
sync.1rx.io/usersync2/ Frame C5DF 		0
0
pixel
cm.g.doubleclick.net/ Frame C5DF 		170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=VkV6WTdjY1FRWWM5RUtiZVFzUjI=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame C5DF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
  • https://ads.yieldmo.com/v000/sync?userid=00bw2j7lAzLn&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=00bw2j7lAzLn&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
34.206.181.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-181-88.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:59 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://ads.yieldmo.com/v000/sync?userid=00bw2j7lAzLn&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-psv2m
expires
-1
sync
ads.yieldmo.com/v000/ Frame C5DF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=1554685320975062049&pn_id=an
43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=1554685320975062049&pn_id=an
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
34.206.181.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-181-88.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
an-x-request-uuid
b65608f2-e14f-4b86-8566-8fb531859572
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=1554685320975062049&pn_id=an
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame AB0D 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 04:19:53 GMT
FFXIV_FreeTrial_160x600_Monsters.js
s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/ Frame AB0D 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
673c59be0ecfee7073c75ffd5030f8f3462a38e452b541abff96644b15b58b4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 21:01:24 GMT
date
Wed, 10 Jan 2024 21:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112709
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14348
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 18:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
HYPE-754.thin.min.js
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		56 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
684586e6772ee02828185ad005ffaf74fda242faf446b3107c68f0aff86ecef9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:49:18 GMT
date
Wed, 10 Jan 2024 20:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113435
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24577
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
HYPE-754.thin.min.js
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		56 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
684586e6772ee02828185ad005ffaf74fda242faf446b3107c68f0aff86ecef9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:49:18 GMT
date
Wed, 10 Jan 2024 20:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113435
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24577
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
HYPE-754.thin.min.js
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		56 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
684586e6772ee02828185ad005ffaf74fda242faf446b3107c68f0aff86ecef9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:49:18 GMT
date
Wed, 10 Jan 2024 20:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113435
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24577
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
pubcid.php
hbx.media.net/ Frame A120 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C157%2C2028%2C159%2C2026%2C117%2C437%2C97%2C99%2C56%2C59%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.10.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-10-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Fri, 12 Jan 2024 04:20:01 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Fri, 12 Jan 2024 04:50:01 GMT
sync
gum.criteo.com/ Frame A120 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C157%2C2028%2C159%2C2026%2C117%2C437%2C97%2C99%2C56%2C59%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
508254
expires
60
cksync.php
contextual.media.net/ Frame A120
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3480347926485296000V10%...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=78613609676c23ea&is_secure=true&version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.ph...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3480347926485296000V10&type=con&refUrl=&vid=50331938103480347926485296000V10&axid_e=&ovsid=AAACl1FifVNUKwMUpsmEAAAAAAA&expiration=1705119594&is_sec...
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3480347926485296000V10&type=con&refUrl=&vid=50331938103480347926485296000V10&axid_e=&ovsid=AAACl1FifVNUKwMUpsmEAAAAAAA&expiration=1705119594&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C157%2C2028%2C159%2C2026%2C117%2C437%2C97%2C99%2C56%2C59%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 04:19:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Fri, 12 Jan 2024 04:19:54 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:54 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3480347926485296000V10&type=con&refUrl=&vid=50331938103480347926485296000V10&axid_e=&ovsid=AAACl1FifVNUKwMUpsmEAAAAAAA&expiration=1705119594&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync
cs.media.net/ Frame A120
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ4MDM0NzkyNjQ4NTI5NjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKYfeX4pDclM-e_y3Da8pRE&google_cver=1
57 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKYfeX4pDclM-e_y3Da8pRE&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C157%2C2028%2C159%2C2026%2C117%2C437%2C97%2C99%2C56%2C59%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.62.10.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-10-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:54 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
57
x-mnet-hl2
E
Expires
Fri, 12 Jan 2024 04:19:54 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKYfeX4pDclM-e_y3Da8pRE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame A120
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3480347926485296000V10%26type%3Ddxu%26refUrl%3D%26vid%3D50331938103480347926485...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3480347926485296000V10%26type%3Ddxu%26refUrl%3D%26vid%3D50331938103480347...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3480347926485296000V10&type=dxu&refUrl=&vid=50331938103480347926485296000V10&axid_e=&ovsid=APufUREr1Ro91o5
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3480347926485296000V10&type=dxu&refUrl=&vid=50331938103480347926485296000V10&axid_e=&ovsid=APufUREr1Ro91o5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C157%2C2028%2C159%2C2026%2C117%2C437%2C97%2C99%2C56%2C59%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 04:19:55 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Fri, 12 Jan 2024 04:19:55 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:54 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0a94eb28cbc7ec6a6@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3480347926485296000V10&type=dxu&refUrl=&vid=50331938103480347926485296000V10&axid_e=&ovsid=APufUREr1Ro91o5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame A120
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsi...
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9ad03db6-bb24-49f4-98de-4d60dda1ceaa&gdpr=0&gdpr_consent=&us_privacy=&gpp=
57 B
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9ad03db6-bb24-49f4-98de-4d60dda1ceaa&gdpr=0&gdpr_consent=&us_privacy=&gpp=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C157%2C2028%2C159%2C2026%2C117%2C437%2C97%2C99%2C56%2C59%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 04:19:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Fri, 12 Jan 2024 04:19:54 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:53 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9ad03db6-bb24-49f4-98de-4d60dda1ceaa&gdpr=0&gdpr_consent=&us_privacy=&gpp=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1023200
content-length
0
expires
Fri, 12 Jan 2024 00:00:00 GMT
sync
x.bidswitch.net/ Frame A120 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C157%2C2028%2C159%2C2026%2C117%2C437%2C97%2C99%2C56%2C59%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 04:19:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame A120
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=VroS-ap-kEY3jeE8vPTy
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=VroS-ap-kEY3jeE8vPTy
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C157%2C2028%2C159%2C2026%2C117%2C437%2C97%2C99%2C56%2C59%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 04:19:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Fri, 12 Jan 2024 04:19:53 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:53 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=VroS-ap-kEY3jeE8vPTy
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
111
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame A120
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3480347926485296000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3480347926485296000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=411b3279-7dd5-4485-9a44-8c76490cd352&cs=1
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=411b3279-7dd5-4485-9a44-8c76490cd352&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C157%2C2028%2C159%2C2026%2C117%2C437%2C97%2C99%2C56%2C59%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 04:19:57 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Fri, 12 Jan 2024 04:19:57 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=411b3279-7dd5-4485-9a44-8c76490cd352&cs=1
date
Fri, 12 Jan 2024 04:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1000.gif
id.rlcdn.com/ Frame A120
Redirect Chain
  • https://id.rlcdn.com/710489.gif
  • https://id.rlcdn.com/1000.gif?memo=CNmuKxoNCOv7gq0GEgUI6AcQAEIASgA
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/1000.gif?memo=CNmuKxoNCOv7gq0GEgUI6AcQAEIASgA
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C157%2C2028%2C159%2C2026%2C117%2C437%2C97%2C99%2C56%2C59%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:55 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 12 Jan 2024 04:19:55 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://id.rlcdn.com/1000.gif?memo=CNmuKxoNCOv7gq0GEgUI6AcQAEIASgA
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame A120
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=eed2eaaf-00bb-4420-a928-2f23eaabab2e
57 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=eed2eaaf-00bb-4420-a928-2f23eaabab2e
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C157%2C2028%2C159%2C2026%2C117%2C437%2C97%2C99%2C56%2C59%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.62.10.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-10-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:53 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
57
x-mnet-hl2
E
Expires
Fri, 12 Jan 2024 04:19:53 GMT

Redirect headers

location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=eed2eaaf-00bb-4420-a928-2f23eaabab2e
date
Fri, 12 Jan 2024 04:19:53 GMT
server
Kestrel
content-length
199
cksync.php
contextual.media.net/ Frame A120
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=medianet
  • https://creativecdn.com/cm-notify?pi=medianet&tc=1
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=s0hGJT2UhZxkdz_RIUaYOqtQMLtoxVNdAMhx-d0beh0&pi=medianet&tc=1
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=s0hGJT2UhZxkdz_RIUaYOqtQMLtoxVNdAMhx-d0beh0&pi=medianet&tc=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C157%2C2028%2C159%2C2026%2C117%2C437%2C97%2C99%2C56%2C59%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 04:19:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Fri, 12 Jan 2024 04:19:54 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=s0hGJT2UhZxkdz_RIUaYOqtQMLtoxVNdAMhx-d0beh0&pi=medianet&tc=1
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:54 GMT, Fri, 12 Jan 2024 04:19:54 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
f1930518fbc6c947251079335ae1aed2b0fc7f65f7285d85929603e21aedb999
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
Rectangle_rouge_728x90.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		195 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/Rectangle_rouge_728x90.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1fae1248e7527a1d7aa15012f124f7e8ff9b5d59c0b738931487d0384a6a467d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 10 Jan 2025 13:42:12 GMT
date
Thu, 11 Jan 2024 13:42:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52661
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
logo_metro.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/logo_metro.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
492fc009da1427fe6fedc1f5a65d4f7c8bee3453c342c810e751a6549099ff47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 21:01:14 GMT
date
Wed, 10 Jan 2024 21:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112719
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2587
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
CTA_EN.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/CTA_EN.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1129a368cae4aa0b6519bc65697997fb7be015bbedf33f33eafe4bf7f3afe51f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:51:36 GMT
date
Wed, 10 Jan 2024 20:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113297
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1213
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
LEGAL2_EN.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		18 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/LEGAL2_EN.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
2db33cc2dcd1bc2d9d27622ef671a2fd012b65f89b10667db73bff1b80ef7dae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:54:10 GMT
date
Wed, 10 Jan 2024 20:54:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113143
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2621
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
ONTHE.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		1 KB
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/ONTHE.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
ef32964843f93376df3deee2dc29570bb98f9df7f46ad258416e17bff4db3cca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:47:09 GMT
date
Wed, 10 Jan 2024 20:47:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
581
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
SAMEDAY.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		2 KB
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/SAMEDAY.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
90ea1714028a7a7ed28f6023dcb420125e780381a802cf424fef5ccb82c285b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:48:33 GMT
date
Wed, 10 Jan 2024 20:48:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
903
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
DELIVERED.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		1 KB
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/DELIVERED.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
a97eff482d0edb326f716e6bddc28773a28a6d6869efa22b1ab423d0de323571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:51:36 GMT
date
Wed, 10 Jan 2024 20:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113297
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
713
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
WINTER.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		1 KB
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/WINTER.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
ac88d5594067b271d13ab8e8b1ade7b699e84e0ca3c4957e05eae59499e4f97c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:48:33 GMT
date
Wed, 10 Jan 2024 20:48:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
634
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
YOULOVE.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		1 KB
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/YOULOVE.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
613f3920a4ba756f81d8b573f0d2408fd7679e78ffdd88c8df5331548d581959
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:49:05 GMT
date
Wed, 10 Jan 2024 20:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113448
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
720
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
FOODS.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		2 KB
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/FOODS.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
b4edcfba76c9864b84a58936829e2fb9dbbaed7df2f064a3f7039e0cde279c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 21:01:43 GMT
date
Wed, 10 Jan 2024 21:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112690
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
759
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
SAME.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		1 KB
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/SAME.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
9d97f3ee2068d15af10b21cc31ff81a1f2861d46bb4811a1b3692b0540b694e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:49:22 GMT
date
Wed, 10 Jan 2024 20:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113431
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
670
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
GETTHE.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		1 KB
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/GETTHE.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
e714d34c5534ade85ab7c329944c975299ba5e3a89d6e38b585da08581253f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:52:55 GMT
date
Wed, 10 Jan 2024 20:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113218
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
597
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
image.png
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/image.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
c7513afc284ce0720e7f9a2c4b6e99d4839b334e8e2087ae912134d77a828edf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 10 Jan 2025 13:42:12 GMT
date
Thu, 11 Jan 2024 13:42:12 GMT
x-content-type-options
nosniff
age
52661
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157226
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
PASTILLE_%24599_EN.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/PASTILLE_%24599_EN.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
22aee4da6f68f6ff5247936ff54352743f3c1174e3c6f302975f26bddae490ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:49:22 GMT
date
Wed, 10 Jan 2024 20:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113431
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1935
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Rectangle_rouge_728x90.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		195 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/Rectangle_rouge_728x90.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1fae1248e7527a1d7aa15012f124f7e8ff9b5d59c0b738931487d0384a6a467d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 10 Jan 2025 13:42:12 GMT
date
Thu, 11 Jan 2024 13:42:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52661
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
logo_metro.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/logo_metro.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
492fc009da1427fe6fedc1f5a65d4f7c8bee3453c342c810e751a6549099ff47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 21:01:14 GMT
date
Wed, 10 Jan 2024 21:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112719
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2587
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
CTA_EN.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/CTA_EN.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1129a368cae4aa0b6519bc65697997fb7be015bbedf33f33eafe4bf7f3afe51f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:51:36 GMT
date
Wed, 10 Jan 2024 20:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113297
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1213
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
LEGAL2_EN.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		18 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/LEGAL2_EN.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
2db33cc2dcd1bc2d9d27622ef671a2fd012b65f89b10667db73bff1b80ef7dae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:54:10 GMT
date
Wed, 10 Jan 2024 20:54:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113143
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2621
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
ONTHE.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		1 KB
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/ONTHE.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
ef32964843f93376df3deee2dc29570bb98f9df7f46ad258416e17bff4db3cca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:47:09 GMT
date
Wed, 10 Jan 2024 20:47:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
581
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
SAMEDAY.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		2 KB
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/SAMEDAY.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
90ea1714028a7a7ed28f6023dcb420125e780381a802cf424fef5ccb82c285b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:48:33 GMT
date
Wed, 10 Jan 2024 20:48:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
903
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
DELIVERED.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		1 KB
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/DELIVERED.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
a97eff482d0edb326f716e6bddc28773a28a6d6869efa22b1ab423d0de323571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:51:36 GMT
date
Wed, 10 Jan 2024 20:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113297
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
713
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
WINTER.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		1 KB
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/WINTER.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
ac88d5594067b271d13ab8e8b1ade7b699e84e0ca3c4957e05eae59499e4f97c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:48:33 GMT
date
Wed, 10 Jan 2024 20:48:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
634
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
YOULOVE.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		1 KB
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/YOULOVE.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
613f3920a4ba756f81d8b573f0d2408fd7679e78ffdd88c8df5331548d581959
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:49:05 GMT
date
Wed, 10 Jan 2024 20:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113448
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
720
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
FOODS.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		2 KB
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/FOODS.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
b4edcfba76c9864b84a58936829e2fb9dbbaed7df2f064a3f7039e0cde279c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 21:01:43 GMT
date
Wed, 10 Jan 2024 21:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112690
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
759
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
SAME.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		1 KB
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/SAME.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
9d97f3ee2068d15af10b21cc31ff81a1f2861d46bb4811a1b3692b0540b694e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:49:22 GMT
date
Wed, 10 Jan 2024 20:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113431
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
670
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
GETTHE.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		1 KB
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/GETTHE.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
e714d34c5534ade85ab7c329944c975299ba5e3a89d6e38b585da08581253f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:52:55 GMT
date
Wed, 10 Jan 2024 20:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113218
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
597
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
image.png
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/image.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
c7513afc284ce0720e7f9a2c4b6e99d4839b334e8e2087ae912134d77a828edf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 10 Jan 2025 13:42:12 GMT
date
Thu, 11 Jan 2024 13:42:12 GMT
x-content-type-options
nosniff
age
52661
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157226
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
PASTILLE_%24599_EN.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/PASTILLE_%24599_EN.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
22aee4da6f68f6ff5247936ff54352743f3c1174e3c6f302975f26bddae490ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:49:22 GMT
date
Wed, 10 Jan 2024 20:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113431
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1935
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Rectangle_rouge_728x90.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		195 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/Rectangle_rouge_728x90.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1fae1248e7527a1d7aa15012f124f7e8ff9b5d59c0b738931487d0384a6a467d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 10 Jan 2025 13:42:12 GMT
date
Thu, 11 Jan 2024 13:42:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52661
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
logo_metro.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/logo_metro.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
492fc009da1427fe6fedc1f5a65d4f7c8bee3453c342c810e751a6549099ff47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 21:01:14 GMT
date
Wed, 10 Jan 2024 21:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112719
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2587
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
CTA_EN.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/CTA_EN.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1129a368cae4aa0b6519bc65697997fb7be015bbedf33f33eafe4bf7f3afe51f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:51:36 GMT
date
Wed, 10 Jan 2024 20:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113297
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1213
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
LEGAL2_EN.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		18 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/LEGAL2_EN.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
2db33cc2dcd1bc2d9d27622ef671a2fd012b65f89b10667db73bff1b80ef7dae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:54:10 GMT
date
Wed, 10 Jan 2024 20:54:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113143
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2621
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
ONTHE.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		1 KB
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/ONTHE.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
ef32964843f93376df3deee2dc29570bb98f9df7f46ad258416e17bff4db3cca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:47:09 GMT
date
Wed, 10 Jan 2024 20:47:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
581
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
SAMEDAY.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		2 KB
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/SAMEDAY.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
90ea1714028a7a7ed28f6023dcb420125e780381a802cf424fef5ccb82c285b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:48:33 GMT
date
Wed, 10 Jan 2024 20:48:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
903
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
DELIVERED.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		1 KB
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/DELIVERED.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
a97eff482d0edb326f716e6bddc28773a28a6d6869efa22b1ab423d0de323571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:51:36 GMT
date
Wed, 10 Jan 2024 20:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113297
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
713
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
WINTER.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		1 KB
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/WINTER.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
ac88d5594067b271d13ab8e8b1ade7b699e84e0ca3c4957e05eae59499e4f97c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:48:33 GMT
date
Wed, 10 Jan 2024 20:48:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
634
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
YOULOVE.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		1 KB
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/YOULOVE.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
613f3920a4ba756f81d8b573f0d2408fd7679e78ffdd88c8df5331548d581959
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:49:05 GMT
date
Wed, 10 Jan 2024 20:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113448
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
720
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
FOODS.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		2 KB
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/FOODS.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
b4edcfba76c9864b84a58936829e2fb9dbbaed7df2f064a3f7039e0cde279c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 21:01:43 GMT
date
Wed, 10 Jan 2024 21:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112690
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
759
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
SAME.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		1 KB
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/SAME.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
9d97f3ee2068d15af10b21cc31ff81a1f2861d46bb4811a1b3692b0540b694e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:49:22 GMT
date
Wed, 10 Jan 2024 20:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113431
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
670
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
GETTHE.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		1 KB
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/GETTHE.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
e714d34c5534ade85ab7c329944c975299ba5e3a89d6e38b585da08581253f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:52:55 GMT
date
Wed, 10 Jan 2024 20:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113218
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
597
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
image.png
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/image.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
c7513afc284ce0720e7f9a2c4b6e99d4839b334e8e2087ae912134d77a828edf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 10 Jan 2025 13:42:12 GMT
date
Thu, 11 Jan 2024 13:42:12 GMT
x-content-type-options
nosniff
age
52661
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157226
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
PASTILLE_%24599_EN.svg
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/PASTILLE_%24599_EN.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13627720152406278352/HYPE-754.thin.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
22aee4da6f68f6ff5247936ff54352743f3c1174e3c6f302975f26bddae490ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:49:22 GMT
date
Wed, 10 Jan 2024 20:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113431
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1935
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
BG.jpg
s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/ Frame AB0D 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/BG.jpg?1636577347733
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
cb875e87ed4562b91c030a38551185a7592e570c5721a89581788f32af654f30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:49:39 GMT
date
Wed, 10 Jan 2024 20:49:39 GMT
x-content-type-options
nosniff
age
113414
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10290
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 18:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
ad.doubleclick.net/pcs/ Frame 33DD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsucVD-Nuc67i4vueItTWPPuY63eG63i3ly8quzwrgvutX3JpU-YbpfSrdglSQ0X8ojUz5H61z1rAagRCUTv6rnZ0yS76vitdbAQL-QH0h8gA_rDhJHUwqEdEqYvv374X1Rd3QMw6-8CERxhpCjvNGOFv4ACgzP0bZ414SNZ3tmZDVo7it_S66FGTDZuLrcOVBhFPljUC8fZ1imw_s7O5lxIUzHhzMYHOA-S0AZzosHM6VPbbpjruna-kkAF8FB8R8kaZ4byJpsiW1TZyAkoS_A2YpQRO80RGpdlDroxWrtm54eDWv5FlNdDFTe_VdniqBjR23miWiDlB9eiZQOgT-QpFPcSt6jP6SapIFlev99jP0NFMzNvjOrYpLPHqW7SeXLhTksKQJBTSomcZv5MVTb6fYbWvFdyzSDJ7eLtV2D5XGxiCuIqc5YrdEAtjLT4sB8ZI0RGgD6DCP8ji48Arq4FSGCCVTBMuWCfZSDpF30O8i4tHkH6NWH0z9DRMIygwMqFTgreUnJ2x3kRMm3K8DAt8XdhWlIcpcxlGrhfBtC1hVy14TQxbRFWI4zwMtnI4ju6poPJ2JWAhU9MGeOFH3-jPT2q6w5Obfxw7-N8X-4MU_dKA11hVhCh_KxnUKSIWxKEOBz7CzJeZx2zEPG2OzgwP1La0zXj3KUi9Btf3DcwMBfeWKsNAPwsEe-9l8t-UeRnDPiFWcMk9ghn5w8Ucz-PqcfWEzBh10pwU_wS63qvG5nD618Z8JqBCmHnXpMhwrDRRx0duC9PPxvqvhLO4ZlCh1CvCnT-0aaTJwA5QclKGNtK80VyO3yAVnWpHceNSioURwMEgSJ4OBOUL4G_IOmV_tVfY9ckFuJsNXZCDkshxbmQKp0bHQ-qaKkZERM0JpTRM0VNxnr5XN_6zmyWTKe_khCAsGXAY3PGzG-gezTXWVphywVHEpWT_GffPGuWWsSnxgzCkvZLShjhCoF6I5bbPpzy4efsEWCBL0h6bb4TpIeiFN78fAikY-4PtWp62rsBmnwNDwsSAYpcmwB_7-fy6xK4CBd22VzP9jWRe6sErDCPBOMPQut_YAtKLRJLMYznTnXcrHS0AxgzzomPgQQ3eIRV8UrrGzH3WhoYdq6dbmwEr7PIP40XTvllmhRawxcePyBNYsg5_upcraoiJRo3YbJZL_nK0TKHOLElr8Vt6EtQKWQMoKlsxMo_eRq3g6UsOugkfAPfRtG_aDVL2JbhOrkbKtzQXxL5jnqdX3WpyDwIg7HAoB8wTsIDGoEs6NlP0OgCqSFnEWXhgc6EOYIt6Uzk-KroRF9nIhnmzov2nhNRUmo-rZAb5W2L_FIQGOMRBDA06hd9YEakgTO6FSFCp6wfyhzip2L88jFhBtfDCl1I0dyDRHDrwY4DGci45Sng31unlK250htheaN9MKzCu3709gYuX_cOXdPATEA&sai=AMfl-YRvf1rND1HZO5WduKvUfG9O41E9Tj-CmEWB8VNTKe4tUmZaE0ipYarl7RRN1ENnRyus_nrxnGXLkaASMeXOfl1RVkT86PjA5xsmCLfmFSArF6HpdnKl2cnEnHt8htoQO-wLH58ri86t4OXOXoj_bMugfUNHD712ZNsX16gR6hnlSGM75Av7gzSZkR2Pie-EyG47YCGCxQ05nLQXV9gp323oEXEGb44nGwBtE1gzXO_JQIiZ4w2n3diyspGwZEtaAqi0H944tBxpchz-9Npya8A4luDJwZtrA1454Y9ZFFcpLqZphTKsHOzZKLIa9hUyKeTwNKRYclDk1qyqS4TabGYbMZmPuCOZ3QtreFbev9ASkKmdW-TXf1qqPMv8HVuu_x6EWuzlDEw9_WFNsvNTMlGQZgeGMg8kwaT7U6ocVZ0&sig=Cg0ArKJSzDtWzhP-_dJzEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maW5hbGZhbnRhc3l4aXYuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2249&vt=11&dtpt=221&dett=3&cstd=2024&cisv=r20240111.68116&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
c2a.png
s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/ Frame AB0D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/c2a.png?1636577347733
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
b52f81c3d54febedfac6ccfdddfd58e70925e42dfacbc5193a38d4b00816f892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 10 Jan 2025 13:43:58 GMT
date
Thu, 11 Jan 2024 13:43:58 GMT
x-content-type-options
nosniff
age
52555
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3542
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 18:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
ad.doubleclick.net/pcs/ Frame 8044 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstD5C3_EUkuyN8CWZAsqZt8vRPOByhXgJKxlurDZ2KUCrckD5C7Gg6GKt8g6w4s5HCftYyK5-09iJ9H1kJrMbyQCguEt2KVDJ_z5XBUc3DZbVQAKHxrhCa41KhKpghUBQx-HdDpndXjz5vfkeqwiu3QR0KWfgwPwQETmoNmujCyFol9HMiyBR1ZfDSi4-EV8FOl8Jmg4sTSc1xWrTO26VeIBGt4O_Ux_X5z7RwjsDeBzIUiYqC4EcTsceIbxuuYfa2Rmo2eROhwHkoRSOLfadVg_9K8sPHAUC2VDu2c6rwYHl1ykVmv61afasZvXr9YeQxhsdlm8wNm_5Z7Aquq84-wsshooTNfhCdFsOU4y1LkQtB5xHfvm0ifAu8tduwaJfTKbY3uKOnIsavPTObJri9Jc94slGiwXht_ctbtU7QteBlWFR94jr0MXw66mIkOEOwLDV_nJHdHZf6YIE9x8MYdzwB23A3Le6jLbuAVVEyRJZDW_KBYzpoBgxH3h4EK96PLUF-Nghrv5MMT_5wy8Qdku0l7RM9fD-0-JbZKAIOFbA2D3_74FRMlyazrxlGzzWDdngMENTM1J-flEADk9sV-kUL3zxZZIqQzs2uNNHbkxoSpAvNu_yA4ZetHGPOgVf7nLpOxE_Z4TymxIH_KiIpC_MLreOEUxwxebp2sHAqel72IUDUnjr2aTLoUVodeYxn2KwjvgLaa0b5_rDE8GKihacoFjDNElBgvBCmvhlmvvShi_m6BM5iSO8v2jj-TqP_CjwvOvPF8bA6bRF3jrDF8h5g_fmRx9Tbb_yo1r-geU6WOQhSFDh4FZLaK75DBCwpa1nR1E0IqhxTHwHRE4s8urLzZG0pJrcDB9UGSu6tR37ABmPHEcKyzXbTGy9NFOPocSM1BvZAu1j_D8GH8Zg-y4RTu-MKehzSsIr9tYYJxjdYE4jipQ2cAwXLHqk_ihiNxtov1oGdLh46sha3JdEGkczEODVE1gIqnKS88LK_IC5mC2H9PoByAPDdMSUXXZZ-MO-XuPBZhGM3MmRrklxMiO1FIWemmC2ty5qork0V31XTsuk5zxaQv-x7WRnVUn0jWfrSNJFn0KathiHqBkVlHf7XewD7HW1h2sXO9PVCPdPLcud13Kg6ok29LIMKx0ACoqhwZr58qA-teZOrJmrnwJRIVWTvQW_Ma2g9g5TLQI1K8RtHW46C3IODqt0xTHvqwvuu3VGVXDyENXUqT1d_f5xvJJ10XYNOLQbiU3B82BSiABoGBpOW_O97kUyKrLzCWd4K_h4GvWdTvo-8P_SxHuTfbA9836ZkCmdXrgrQajC38wTEFnvohS4ZQWq7Hhl_YiMk5qSQnrQZMpu4nQCl3qCAkDg2FjJeLkv19ed93kC5-IIKRzKO33XtITPfoX4CF08yv4gRDfAPI_WxyswaH9l62K6b7Sb5xkh-7oBYjEVaqYw&sai=AMfl-YQikGoKPzrMIrZBFiqifWMvzubpTH0v70eNqurLnrYa657YhyY6MDA8dJgYlvafOZMIZu0kKsU154R9QE7ni7aykmW8TdywbU4yumF98aW2Luur-rl5EX1AefDGe6nWZ-TWQQzV0pn6qShdU9gPCgCbQl2GocvkIYwF697U_fIe78sNyrNz8s2FZkkZRaGCRiNtaC7_c5Q3gAAWqFMvso2tW4rII6jq9kwes_Kg9EX8-yC4Ovzs4x4d0qxa2yxZ6byK9RtZItYf-yDOcQmzOpfQxqCYBHjJdP-hxcLD1jS72dbH37VR7FkNieOPb0_-bC2_U0FyDbvPPT8oeR5hMYU5G1gKRVPMlYGY__CFxgsBdT4TlVOxdZ80x0u1ZBQhnRURFjC8OLbElq7Fl0AaqCPtMENc1Q8lKQxbN2vhmpH7O2vCMJU&sig=Cg0ArKJSzOnkvB5p3nJJEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tZXRyby5jYQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=675&vt=11&dtpt=281&dett=3&cstd=393&cisv=r20240111.95088&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
image.png
s0.2mdn.net/sadbundle/13627720152406278352/ Frame A5B2 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/image.png
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
c7513afc284ce0720e7f9a2c4b6e99d4839b334e8e2087ae912134d77a828edf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 10 Jan 2025 13:42:12 GMT
date
Thu, 11 Jan 2024 13:42:12 GMT
x-content-type-options
nosniff
age
52661
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157226
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1013.json
id5-sync.com/g/v2/ 		625 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1013.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/e/5/288ed7-6884-417e-b256-dc21cdb46f76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
f3e24149c8fcab3dd66de5cc2e3fc60de98c8fe95b1ef587983e2f9ea0144cd4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://vast.gg/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://vast.gg
date
Fri, 12 Jan 2024 04:19:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
view
ad.doubleclick.net/pcs/ Frame 0DC8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssiUlCOOXcpgl0tzOrABnNUwKMwRrqHaQopletxKesUKKPH-R73B-PLKLprBzAmjEmguTS5pjwzy1KWnRb4DvF_2AQ7RqMYGg0QR5WQBNMN-1nJGl1XMYpVWz2o78iH-cxJe8kdodFoQgwgxfzkXRkLalihJVCe46VD3Ii2nlW8CYH5TYcB2WJ6P2GVDJcr7xyn3v-MhtwMQmXaiq9WpQaPYYN2KER75yZ6hYAHFWaH3MeGMm5hogdqT4qv9ryVxfPBlmZD8I50kjwgLKsCb-WCEJpIQBp223t2wlScNGwOiUulNF9ri7drpPVWdqowfEFviwRvlGhu22HURDvG4BtyRzRWhHgZ5Yjn-8gUlIt_AtSQwfL9BbhIQXp30H8ANM85DvSXzQWlY4FyN9ouy3hrHjQ43nEoMu_YvcOVtpOF3F6V9yz9RmQyPabuiaNhOtcs60dz1nrZkLwWWhCyjf5n1yoc6uO1XmaB-wdctWHRtk6pdLwTfDcHtV2_krEU7HNxx5F_KjA06ZE-5Mvb4RHsFGNwlGRgX-Hk1OrnPf1cH23LpYshAJcITMKfTQ4KbhzuRY_JadiCfGigsg_UPabkh29AIcoS3nxh03BHwFz79W66ifbrxLSFtSo1WH-Y18qodSi9dniRD_jKtWw1C1LjJoKqZdQwFer85VZxskat8cVzH3TflDVQVbVh00COLX5p3Et3zvkGsX39W1HtL2yT61uhY5x_WxjYwTYLu54thC2MkPRwcO8mGQQzfZ1Dy3orazU1f1isJ7XMXknC9g4DMAtQ12SEFYFJbUe--E_CPBsDQuJJwCmYl6P3W7lxJtH6jVER7U8KIdnw9LTGC4EVGDArQ6-425iEe0QXazmMDdY6thx5rXIspI8chCgB_Wjxw24Ed2JaQM_9xD3PRaAF9dLMrtWe_te5YcNrxC3eAKvb9CZo3n3JfD8VX_k67cljiLJMb6TCNAXjgwlrqOFnhqqn6Wnt7VYaiBFaAAlRdHrBo_EXfjmOBOL3I0RXjghaeoJEgZ_HO1SSD9cW40WNrHIkGrun0VvFjURp-kAQ_kgHXDayrsZJljWwmZJYMK8wW5M5Sd3JLJK9hs177G_UeVZn8Kr88ySBX0VwnXC8XJ1WuBlhGWUNjYqsuUk8KUWCwUy0rcY9GbO5t5cdV0h6pMV735cS9CEIax3y8E7oNSQaxUfPFCUI1CS-UhK6fHU28NHaILlK2eMDxij5yXrkmxup7LIXM766wtqsY7P4fUuYmnEjBWpw7dylu6y6pCRRtl8BRJYDJl9W6ck4ZSku_4DyTRq8hVQ_clG3RFhsQLl0psaf1YyX7LTTXxuNny5tuQUrj9BXwnSFO-JjVhwLCrRqTqhGTKZl6broUROnNFXPUGMVtin2QN3N7tQ2kCzNVU1zCBf0-FmmxuUMrtJLO4F4-eGrZWQ5gdQpCOLHu-fEJzxV8que_yL90fAexuLgs0hOkTRN&sai=AMfl-YSRVnZF0bvBIpkTc4zfUtEfhwd9vZfI7CPMywCKE1kizHBMs8KkagTehjpf0-bs5sjuNglqTQGwZo5kPwiGx9_UU9J49J0BYcC211kShRkz73TAinziAgitJhxOQGqsGYZ_kZNe1zqpQiODmDwsNg5Z6ffFiswamzvgF71aT8ExOgMwOiXfD0FO7M8OV45zwNrwsN1ue0PUv4AKBtrJtS9xRUQ7tmnZF7wQKHw7LWLxoTuL0gRiwFeBjlzLT19HcYWI7gX6nRfbklDGoIKSH2jNimKn6awLq3NjU2xY39fKl_py2QNPeWvpCK6gNxd2GigDupp9z3sd9Dwg_17lpRh4HoVU2Y6GH5Vm0yZLKVapKOCJRotjptoFcPLEbtDkgiqVuMQVcFffq8dt0m23ylO48XX2ZQfP9pOLqkuu7tQC61CtIAhmXWs&sig=Cg0ArKJSzE4r2YpYGz_nEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tZXRyby5jYQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2086&vt=11&dtpt=285&dett=3&cstd=1800&cisv=r20240111.45347&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
image.png
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 285C 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/image.png
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
c7513afc284ce0720e7f9a2c4b6e99d4839b334e8e2087ae912134d77a828edf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 10 Jan 2025 13:42:12 GMT
date
Thu, 11 Jan 2024 13:42:12 GMT
x-content-type-options
nosniff
age
52661
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157226
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
ad.doubleclick.net/pcs/ Frame 7E91 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu6aVDU5wJX1jv35gXsjwq11NNJFgfsa3qwCm4U6G5N_0Ie72eOSzZpR7CbmUrxlf7NWK-mLUlKtD1lvvWi6a_Dwym1TJjID_kzFbLF3xUvqlgrNSt7AggzeiBYHcphPIConX2v53IE-6qXpvgLUpkaz-3MzJAsJhojlckA6lIsh5L9AN7wPoBw95HdrxirZMW5axIJ-3aZ2KIMaBwT6qhIXjWS_9dVK6jbPjq0KtFficUEf6mTkXjEb8pmqS12DQ9STF3glnzGXcRGDK1UorI7qi4FTStwp7dvh1rMdvK1jdEiGIRI4jih6dp5q2l04pzYIUVssZyyVl4yr8d60lw_iP5vS1JulX26Vh229-1utFANlYnJ3bhryEb7CckL8TiBpZaXMHVsYuFMXO1ix7NYoFWTziVZwbM2Guo2CMkpy8MvAHzwL8ciZ9ui30UmSxgf6lLS7bREoFDIAoNPc38W92B7BglkcSLM27ustsfBiZeP8Z_U0z_YYmu3dGS7Vm73vldZgRIb9XdU4iVkbXX_6b3K5WJ7Sv7Lj8TSUPWR-OjZ7UlxKxhNHD1M-vWM-8vu0tA4x2qQc9HF6Zihk-XwsdY_n_Ext8Gz0dwRugwe0G0hFllbHSVq-asFJWMGLziQ6fbjWHr-ZmPmXuXF5tyE3WV8KrMAMj2Q1mlb2xFM9i27dvRiO8oeM5Av3Lh5Z2D8zX-kfC72LjZk47sp8BZkCy1g5eVYNCIFF5lKp3-UpQaPsli8YwW7o_FwlUQjO4AWwoUEVSnn52Fxea-act2aiEYNzewZLcY4cnoNbUjsIWbDNi6EwAi9SI4GJsjFaJn2fTLJ9NIfVaT2zQF-H5XUta_J7AaSpc4RVnK--0zkjFDbh33Utl3jcuUZZf2B9-qJUBLmWl83iSAz8H6Nno6FLaVvD3O_j3yN_VNMmM1KGkKSh9EPxH3vZgscbk41rtbVWH_yzntxTQ84umK2nuqg987-fWvDN82orMEv6FDZ5sWYvGXO0dFS6FVNe4E8nFcGKx-0lnjTz7eZTXkYIF7a2N4JXnO_RO0aElJUVYdmcHJomJFQdcdWngIs3B59jrsfIdMCKAEM4mmmgxg57LbXlT7LYbjdViYzceQQ9hE-ThvjeEdbEwXQWHUwcuLQHdlUDYq7x6DjIhXcV3gGwe87ex5nFUDuLYBbaoqQSBXtPXZrGkImdd0oQ4wIXDZ6T5mcrQc6q9XXwRAbY-PKTtYJA-C6nHePatXaGsTrVKUaTJe-ZTBhVOMYziRx_svnSoFCxNrHOemSt4PHreDkbgczg9Nb0JLFDPdI1bHegAtHUStUnyGWUxC9mo_ftdWanKfKbMkEpCz5GkszHIWDQzKyW92SQCVUIx98l8aoKjrsgHj2ku_J-VgYj-4vZLf-FAsUsdBaXb9LS7Rfqu3iCECn-71pzQcWejrjGOpK9B87vuc0ZYwLGs0sueEg5yLonzV2O9w&sai=AMfl-YTpppeu7boIXfRnPvzeyO7TZAMqjlMSJGZUGhCRq4LwFlZfjm0TYvuESd24kMq-BRFTUMhaFGa6L9GD5VvUHskca2hPhOHhXJR__ql0cmhRMW3PHcmGrBLkvoK-V0Ub0YhlHOBsd6M-FBiBRJOx_dQbV_gBzNKYqI5VQ38tuU9H8X2ivNgtsRuwDW7Lqh-qrzIZRUHr-4di8dq8Q6JCIqzGYYbyuogNl5-eQVQVNYJn8iYMoEUE4AjtrhghiGbZ3xV8C5QFhkJ48bXITSzL3ELuLay_xz9_k9KZi9S2o9oHPBLm_8RCZTVlenuinyTeZ_dYX8q9-90HJpCLfbSBrEWP3i9pRE2eo-lWXQ_AtkhzqWwRz2wWdmUFKsfyh1DVmJuIUCCO4vkVT-AZIvucPRXr_PRnTrmfamJ9XlOfsucEcr-_p3A&sig=Cg0ArKJSzOe-TcQS8mrKEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tZXRyby5jYQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1472&vt=11&dtpt=303&dett=3&cstd=1168&cisv=r20240111.72996&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: t.co
URL: https://t.co/XJ0eEiJe3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
image.png
s0.2mdn.net/sadbundle/13627720152406278352/ Frame 6554 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13627720152406278352/image.png
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
c7513afc284ce0720e7f9a2c4b6e99d4839b334e8e2087ae912134d77a828edf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13627720152406278352/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 10 Jan 2025 13:42:12 GMT
date
Thu, 11 Jan 2024 13:42:12 GMT
x-content-type-options
nosniff
age
52661
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157226
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 15:06:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
endcopy.png
s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/ Frame AB0D 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/endcopy.png?1636577347733
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
4e53319396727526d8fd5dc0d08b3edd788786a8669e8b9991f464ab1b3023bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:49:39 GMT
date
Wed, 10 Jan 2024 20:49:39 GMT
x-content-type-options
nosniff
age
113415
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5718
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 18:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
endDragon.jpg
s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/ Frame AB0D 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/endDragon.jpg?1636577347733
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
6298af9bdb719636795a47796a4a78c198c3c0c6c02fa46fee3d6ac1d2f89211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:59:29 GMT
date
Wed, 10 Jan 2024 20:59:29 GMT
x-content-type-options
nosniff
age
112825
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17766
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 18:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
enemy1.jpg
s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/ Frame AB0D 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/enemy1.jpg?1636577347733
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
fab296cab94da7d89bf87ad39af82557f7a61fba99b2e2e7c5b3e29705e7fd01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:55:43 GMT
date
Wed, 10 Jan 2024 20:55:43 GMT
x-content-type-options
nosniff
age
113051
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20087
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 18:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
register2.php
synchrobox.adswizz.com/ Frame AB69 		589 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.96.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-96-184.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bb7cdd4e8984c5982cd002e0178375c3d93772014dd750e0699ce692e4696ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame AB69 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-55.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 14:24:51 GMT
via
1.1 cdb7a265f783ce0c07661e9c6820c2c4.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
50104
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
EHNCVnAF3_WZtuVjWYXdbmuMLOP7b8s73zqvDCykxCghtGV_1xqVOg==
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 50B0 		0
0
/
onetag-sys.com/usync/ Frame 0D6C 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
rid
match.adsrvr.org/track/ Frame AB69 		109 B
569 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
9f1cae0422e02df6c70f6c381319aec5861eca291e82fb14182f68f4555c7b90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:57 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 11 Feb 2024 04:19:57 GMT
pbs.gif
sync.colossusssp.com/ Frame AB69 		0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.155.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 04:19:55 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
Content-Type
text/plain
usersync
x.serverbid.com/ Frame AB69
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID&sovrn_retry=true
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=H-iEiLZHhZq5vUDFSzCKSHCi
35 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=H-iEiLZHhZq5vUDFSzCKSHCi
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:20:00 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Fri, 12 Jan 2024 04:20:01 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=H-iEiLZHhZq5vUDFSzCKSHCi
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usersync
x.serverbid.com/ Frame AB69
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=mmJuOw9jboOZ&ev=1&pid=562763
35 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=mmJuOw9jboOZ&ev=1&pid=562763
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:57 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=mmJuOw9jboOZ&ev=1&pid=562763
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-gzq5v
expires
-1
usersync
x.serverbid.com/ Frame AB69
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%...
  • https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZaC95o6bVgJB-YJxFA.I2gAA%263568
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZaC95o6bVgJB-YJxFA.I2gAA%263568
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:54 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZHroXoX8c2TSf6GP%2F%2BLliCOR5nN7AhgI7Ywv5ysW4C3dIF6gXW6t%2BVibvubjVGXUjxYp4zKkLCCBoscehtFaCkKV%2FFFAL3%2FatVxy7gb3ZCpNPxB7HTACTVkSDAkdAEIUELOtqDgNrvKfg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZaC95o6bVgJB-YJxFA.I2gAA%263568
cache-control
no-cache
cf-ray
84429a9729e036be-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
usersync
x.serverbid.com/ Frame AB69
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1554685320975062049
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1554685320975062049
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:54 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:54 GMT
an-x-request-uuid
08caff36-2e6e-45b0-b8de-0a5f2ab2aa9a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1554685320975062049
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
x.serverbid.com/ Frame AB69
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F9200%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D14c21e96-f05d-4650-ad1b-516bfb787c08%26bidder%3...
  • https://prebid.a-mo.net/cchain/0/9200?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=14c21e96-f05d-4650-ad1b-516bfb787c08&bidder=appnexus&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3...
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F9200%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D14c21e96-f05d-4...
  • https://prebid.a-mo.net/cchain/1/9200?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=14c21e96-f05d-4650-ad1b-516bfb787c08&bidder=openx&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjP...
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F9200%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D14c21e96-...
  • https://prebid.a-mo.net/cchain/2/9200?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=14c21e96-f05d-4650-ad1b-516bfb787c08&bidder=adform&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3Jj...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F9200%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26...
  • https://prebid.a-mo.net/cchain/4/9200?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=14c21e96-f05d-4650-ad1b-516bfb787c08&bidder=index_rtb&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBFakT1HPo7MAJFa5GFHIpM&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:07538226E2854BA2B957AF03051E2636
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F9200%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D14c21e96...
  • https://prebid.a-mo.net/cchain/5/9200?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=14c21e96-f05d-4650-ad1b-516bfb787c08&bidder=pubmatic&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3...
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F9200%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D14c21e96-f05d-4650-ad1b-51...
  • https://prebid.a-mo.net/cchain/7/9200?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=14c21e96-f05d-4650-ad1b-516bfb787c08&bidder=amx_com&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3J...
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=14c21e96-f05d-4650-ad1b-516bfb787c08
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=14c21e96-f05d-4650-ad1b-516bfb787c08
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:57 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=14c21e96-f05d-4650-ad1b-516bfb787c08
date
Fri, 12 Jan 2024 04:19:57 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
usersync
x.serverbid.com/ Frame AB69
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:54 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:54 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-184
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
usersync
x.serverbid.com/ Frame AB69
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6985%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=VEzY7ccQQYc9EKbeQsR2&gdpr=&gdpr_consent=&us_privacy=
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=VEzY7ccQQYc9EKbeQsR2&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:54 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:54 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=VEzY7ccQQYc9EKbeQsR2&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
enemy2.jpg
s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/ Frame AB0D 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/enemy2.jpg?1636577347733
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
99ac861149f29d4c77a457a8037f4404424c39c29d54ae301d930dd29f6b41fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:59:29 GMT
date
Wed, 10 Jan 2024 20:59:29 GMT
x-content-type-options
nosniff
age
112825
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15019
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 18:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
esrb.png
s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/ Frame AB0D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/esrb.png?1636577347733
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
97bf3ab0390799744352ddbf5d60e19ba9e9040c7d09da8468506e8067443353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 20:49:39 GMT
date
Wed, 10 Jan 2024 20:49:39 GMT
x-content-type-options
nosniff
age
113415
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3049
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 18:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
foes.png
s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/ Frame AB0D 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/foes.png?1636577347733
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
2990801076ede7de13bd385134e54292ce79c3f7aa497b586f1c0578f7280aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 21:03:15 GMT
date
Wed, 10 Jan 2024 21:03:15 GMT
x-content-type-options
nosniff
age
112599
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6565
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 18:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
height.jpg
s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/ Frame AB0D 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/height.jpg?1636577347733
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
3b3378d93a2eee7a78889eca31f8f851f4ebdab270055d187b9aeca61701bc92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 21:03:15 GMT
date
Wed, 10 Jan 2024 21:03:15 GMT
x-content-type-options
nosniff
age
112599
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10254
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 18:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
logo.png
s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/ Frame AB0D 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/images/logo.png?1636577347733
Requested by
Host: 9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
URL: https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
7961acbb656b2aaac090336a023b3348d164cb40a29f99b4622fc494b221e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15540320382186684416/FFXIV_FreeTrial_160x600_Monsters/FFXIV_FreeTrial_160x600_Monsters.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 21:00:21 GMT
date
Wed, 10 Jan 2024 21:00:21 GMT
x-content-type-options
nosniff
age
112773
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3909
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 18:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
cracq
services.ctxtfl.com// Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.ctxtfl.com//cracq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.98.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84429ab13a2442d4-EWR
content-encoding
br
content-type
text/html
date
Fri, 12 Jan 2024 04:19:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkkuvcXlmVbxpDFVgFrZuz5fSsYEV%2BBFNyttU28T5vz3qQh%2BVFfA0dH7X9rdX6NIQSGAoPeiJ1YEhLaorNnyeTFoeSmQ64SvtJNH1YamiG%2BnmH63sBF4vrW2Sdz1nD6eXXS0%2B5LW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
cracq
services.ctxtfl.com// Frame 8044 		18 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.ctxtfl.com//cracq
Requested by
Host: ctxtfl.com
URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=2876264517&adv=12410607&buy=30748971&cid=207503594&pid=384621254&ok=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.98.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24331bbdf40c95e911c59ea6beb4dea06c862b129605ad6f06f845fc1f0f059e

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/octet-stream

Response headers

date
Fri, 12 Jan 2024 04:19:58 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFQEfVJFP37FZCiehYGFczJBW8Wv9zSUTMJrZJvmhOBR0%2BoV5ddbDDxOljn0V1ax3VXwhrmjynKOsslHrAmt3TkgeMpna0LgzY%2Fol70J%2F2qhbcEAJ3eW9ZlEYF6a9XdoLRZDe7rS"}],"group":"cf-nel","max_age":604800}
content-type
text/html
access-control-allow-origin
*
cf-ray
84429ab19a7c42d4-EWR
alt-svc
h3=":443"; ma=86400
cookie
sync.cootlogix.com/api/ Frame A2A2
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26userId%3D%5BUID%5D
  • https://sync.cootlogix.com/api/cookie?partnerId=sonobi&gdpr=0&gdpr_consent=&us_privacy=&userId=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
43 B
898 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=sonobi&gdpr=0&gdpr_consent=&us_privacy=&userId=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
Requested by
Host: sync.cootlogix.com
URL: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
68.183.118.170 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:55 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:55 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-184
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.cootlogix.com/api/cookie?partnerId=sonobi&gdpr=0&gdpr_consent=&us_privacy=&userId=a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cracq
services.ctxtfl.com// Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.ctxtfl.com//cracq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.98.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84429ab13a2742d4-EWR
content-encoding
br
content-type
text/html
date
Fri, 12 Jan 2024 04:19:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYIC3X5UOIgZk8Yzpb3%2FAqeKd%2BBZSdXAk9j96qjkcWYZMkjVG258J9fCmum51UDBqUH2%2BK0W3yX%2FE8s9CgZf%2FdlsaXsjVeU8BSvarCuScCqiBIqImb%2FHziuHhRb15aaHNR9H%2BBeE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
cracq
services.ctxtfl.com// Frame 7E91 		18 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.ctxtfl.com//cracq
Requested by
Host: ctxtfl.com
URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=2085379033&adv=12410607&buy=30748971&cid=207503594&pid=384621254&ok=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.98.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24331bbdf40c95e911c59ea6beb4dea06c862b129605ad6f06f845fc1f0f059e

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/octet-stream

Response headers

date
Fri, 12 Jan 2024 04:19:58 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmfFWLsZV2hcTRzXgYy4CPMWKyRBLXHDFr%2B4wKefDA1vALWJuFtSGp8UwvrNaacil4GHbQ69OTiuzO3zijPPyV6tUoT0WQvwCUj7OKYTAF2wMb9%2BlIeQw7gXeVFNQoFHCD1OQT1T"}],"group":"cf-nel","max_age":604800}
content-type
text/html
access-control-allow-origin
*
cf-ray
84429ab19a7e42d4-EWR
alt-svc
h3=":443"; ma=86400
cracq
services.ctxtfl.com// Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.ctxtfl.com//cracq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.98.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84429ab13a2842d4-EWR
content-encoding
br
content-type
text/html
date
Fri, 12 Jan 2024 04:19:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aahv3awOeP92YGyRRv48ok27%2FPLLPHXloeFXCV%2F1WvXf3iijeu4ycjh2JZHmi0P%2Foxd%2F%2FnEkBWvNW%2FA0MUxajK9paSLiLvuDDGtcDUYUBSG3RSc8CBehBdxy2NT9MGhqkz0ByGvA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
cracq
services.ctxtfl.com// Frame 0DC8 		18 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.ctxtfl.com//cracq
Requested by
Host: ctxtfl.com
URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=2277160852&adv=12410607&buy=30748971&cid=207503594&pid=384621254&ok=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.98.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24331bbdf40c95e911c59ea6beb4dea06c862b129605ad6f06f845fc1f0f059e

Request headers

Referer
https://9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/octet-stream

Response headers

date
Fri, 12 Jan 2024 04:19:58 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOIIjdQ%2Bal6gHmE8Y%2BPLOW%2B4emfZ%2BkuogVLG2%2BnmgFc4nwHuduZQFC%2FGWrR0YatnLDXEJxPIlOWI5QzEKuORbB8EUg3AaMnreEVKpF8WQyDRTouHMJHTJz9Zt%2FKYSb%2B2CaYVVb4F"}],"group":"cf-nel","max_age":604800}
content-type
text/html
access-control-allow-origin
*
cf-ray
84429ab1aa8f42d4-EWR
alt-svc
h3=":443"; ma=86400
demconf.jpg
dpm.demdex.net/ Frame AB69
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=dc537698536b9310e4bcb76350a9f261
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=dc537698536b9310e4bcb76350a9f261
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=dc537698536b9310e4bcb76350a9f261
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
54.156.16.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-16-64.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v053-0b494a491.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
Z6/+kpy0Q+8=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-2-v053-0642e92e6.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Fri, 12 Jan 2024 04:19:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
1zR559xSRv4=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=dc537698536b9310e4bcb76350a9f261
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame A84B 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-111.iad12.r.cloudfront.net
Software
/
Resource Hash
72ba6aa53b1963aebde9dd57d0eaea5424074cd8a0dad023f3896c7b34cf7294

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-charset
utf-8
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Fri, 12 Jan 2024 04:19:55 GMT
p3p
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
vary
Accept-Encoding
via
1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
x-adswizz-banner-status-code
0
x-adswizz-request-id
d8ca5ac0-4413-49f8-95f5-cd864a32ce55
x-amz-cf-id
eFaPsnA-A2MEu9isziIPSr0_Jn5pbBEQGOjmiaAjDdbzvw9A2eChQA==
x-amz-cf-pop
IAD12-P3
x-application-context
application:production
x-cache
Miss from cloudfront
x-clacks-overhead
GNU Terry Pratchett
usync.html
eus.rubiconproject.com/ Frame 4ACE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=vidazoo&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Requested by
Host: sync.cootlogix.com
URL: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.cootlogix.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Jan 2024 04:19:58 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Jan 2024 04:19:55 GMT
location
https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
server
AkamaiGHost
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame A84B 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-55.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 15:24:36 GMT
via
1.1 cdb7a265f783ce0c07661e9c6820c2c4.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
46520
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
1Ua44Jk9b0uFzAjQ6lT9-ei85hJWGQZIs9U3yIAFcJIWw7bKQmigeA==
lg.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame A84B 		43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/lg.php?adData=targeted-publisher-info%3A2%3Bsynchroscript%5Ebilling%3Asynchroscript_A12%3B14%3BUSD%3B0.00000000%3Bfalse%5EtraceId%3Ad71253d2-b101-11ee-be37-02e67ce6bd81%5EAS%2Fi%3Asynchroscript%3Bad_id%3A14%3Bzone_id%3A9%3Bview_key%3A1705033195659%3Bduration%3A0%3Baf%3A0.00000000%3Btf%3A0.00000000%3Bnp%3A0.00000000%3Bgp%3A0.00000000%3Bc%3AUSD%3Bbaf%3A0.00000000%3Bbtf%3A0.00000000%3Bbnp%3A0.00000000%3Bbgp%3A0.00000000%3Bbc%3AUSD%3Bat%3A1%3Bo_id%3A0%3Bc_id%3A4%5Epchain%3A52ded3ee71b94c84%3Asynchroscript&loc=&referer=https%3A%2F%2Fsync.serverbid.com%2F&listenerId=dc537698536b9310e4bcb76350a9f261&sessionId=d9d2da9b9364afce1828468c19bd1c53&ip=%3A%3Affff%3A185.213.80.244&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.216+Safari%2F537.36&cbs=6319619&aw_0_req.gdpr=false&aw_0_azn.pname=%5B%22Sync+Publisher%22%5D
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-111.iad12.r.cloudfront.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:55 GMT
via
1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
content-length
43
x-amz-cf-id
YpSy8lCkiHNLIQyLQ_29WCHTiOeCbEU1NitZpLnxBqzaeQ6pSWFEkg==
ajs.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame A84B 		62 B
667 B 		Script
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/ajs.php?zoneid=8&withtext=1&isDisableLogImpression=1&listenerId=dc537698536b9310e4bcb76350a9f261&cb=11152719627&charset=windows-1252&loc=https%3A//synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&referer=https%3A//sync.serverbid.com/
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-111.iad12.r.cloudfront.net
Software
/
Resource Hash
048c5a42f99a76a85c9376dd9496ad46da974f58d084bdf9263f17eaf9a88f5d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:55 GMT
via
1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
x-clacks-overhead
GNU Terry Pratchett
accept-charset
utf-8
x-adswizz-request-id
c7fbccd7-e9e6-4d64-ae37-7c8e64402851
x-amz-cf-pop
IAD12-P3
x-cache
Miss from cloudfront
p3p
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
access-control-allow-origin
*
content-type
application/x-javascript
content-length
62
x-amz-cf-id
yn5V_vs1H91XANOsdvgZODMgQN3W4FtyB3EiU7o9vCOFv5mBDC0YTA==
x-application-context
application:production
usersync
usersync.gumgum.com/ Frame 6731
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1554685320975062049
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1554685320975062049
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 04:20:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:55 GMT
an-x-request-uuid
a8b03d4d-d902-4483-9995-6e4e9299d0bd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=1554685320975062049
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 6731
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_ac3e278b-a86d-4c4c-b4a7-51172b398120&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_ac3e278b-a86d-4c4c-b4a7-51172b398120&gdpr=&gdpr_consent=&us_privacy=
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=80b49e7e-aef2-470e-b5aa-bdb73b648c1b
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=a82421e8-1f2d-4ea2-a45d-a8e729c22cda&ssp=gumgum2&bsw_param=80b49e7e-aef2-470e-b5aa-bdb73b648c1b
  • https://usersync.gumgum.com/usersync?b=bsw&i=80b49e7e-aef2-470e-b5aa-bdb73b648c1b&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=80b49e7e-aef2-470e-b5aa-bdb73b648c1b&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 04:20:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=80b49e7e-aef2-470e-b5aa-bdb73b648c1b&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 12 Jan 2024 04:19:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 6731
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=44affb79-7995-4705-a824-4ee7e73b5e55
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=44affb79-7995-4705-a824-4ee7e73b5e55
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 04:20:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 12 Jan 2024 04:19:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=44affb79-7995-4705-a824-4ee7e73b5e55
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 6731
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-17dda897-ae9b-56aa-5fa3-2e4775a0b93c$ip$185.213.80.244
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-17dda897-ae9b-56aa-5fa3-2e4775a0b93c$ip$185.213.80.244
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 04:20:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-17dda897-ae9b-56aa-5fa3-2e4775a0b93c$ip$185.213.80.244
Date
Fri, 12 Jan 2024 04:19:57 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 6731
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-nTxenbNE2pdesh8zOyaKSzuVYSBRQaJUJ5j3~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-nTxenbNE2pdesh8zOyaKSzuVYSBRQaJUJ5j3~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 04:20:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 12 Jan 2024 04:19:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-nTxenbNE2pdesh8zOyaKSzuVYSBRQaJUJ5j3~A
content-length
0
usersync
usersync.gumgum.com/ Frame 6731
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=dfe96ad5-3ba5-48f5-9cd1-1885c36f558f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=dfe96ad5-3ba5-48f5-9cd1-1885c36f558f
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 04:20:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=dfe96ad5-3ba5-48f5-9cd1-1885c36f558f
Date
Fri, 12 Jan 2024 04:19:58 GMT
Connection
keep-alive
X-CI-RTID
9fdd1fa9-14e9-49bc-987c-9cad78370a06
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 6731 		0
0
usersync
usersync.gumgum.com/ Frame 6731
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_ac3e278b-a86d-4c4c-b4a7-51172b398120&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=VroS-ap-kEY3jeE8vPTy
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=VroS-ap-kEY3jeE8vPTy
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 04:20:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:56 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=VroS-ap-kEY3jeE8vPTy
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 6731
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=pxYgtILVabaK&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
0
0
usersync
usersync.gumgum.com/ Frame 6731
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1138234130041471926
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1138234130041471926
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 04:20:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1138234130041471926
date
Fri, 12 Jan 2024 04:19:55 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 6731 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_ac3e278b-a86d-4c4c-b4a7-51172b398120
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RPFSE2Z0CKJT794RPVM3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 6999
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=4444335064546968693&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=4444335064546968693&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Jan 2024 04:20:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 12 Jan 2024 04:19:55 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=4444335064546968693&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame C13B 		170 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9hYzNlMjc4Yi1hODZkLTRjNGMtYjRhNy01MTE3MmIzOTgxMjA=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 04:19:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 333C 		0
0
usersync
usersync.gumgum.com/ Frame E7A3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=eed2eaaf-00bb-4420-a928-2f23eaabab2e
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=eed2eaaf-00bb-4420-a928-2f23eaabab2e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Jan 2024 04:20:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Fri, 12 Jan 2024 04:19:55 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=eed2eaaf-00bb-4420-a928-2f23eaabab2e
server
Kestrel
usersync
usersync.gumgum.com/ Frame 1F49
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaC97MCo5tIAAFlcHykAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZaC97MCo5tIAAFlcHykAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Jan 2024 04:20:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 12 Jan 2024 04:19:56 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZaC97MCo5tIAAFlcHykAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40152.dc2p.scaleout.jp
X-SO-IP
185.213.80.244
X-SO-Key
ZaC97MCo5tIAAFlcHykAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"185.213.80.244","key":"ZaC97MCo5tIAAFlcHykAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40152"}
X-SO-LB-Hostname
a-tgng40014.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40152
usersync
usersync.gumgum.com/ Frame 762C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=s0hGJT2UhZxkdz_RIUaYOqtQMLtoxVNdAMhx-d0beh0&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=s0hGJT2UhZxkdz_RIUaYOqtQMLtoxVNdAMhx-d0beh0&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Jan 2024 04:20:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 12 Jan 2024 04:19:55 GMT Fri, 12 Jan 2024 04:19:55 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=s0hGJT2UhZxkdz_RIUaYOqtQMLtoxVNdAMhx-d0beh0&pi=gumgum
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 003C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Jan 2024 04:19:58 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Jan 2024 04:19:55 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
ajs.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame A84B 		62 B
666 B 		Script
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/ajs.php?zoneid=8&withtext=1&cb=76050854170&charset=windows-1252&loc=https%3A//synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&referer=https%3A//sync.serverbid.com/
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-111.iad12.r.cloudfront.net
Software
/
Resource Hash
188fe25f12453c64120ceb65b95e0ba613a1ea707811de628b5e50902733e825

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:55 GMT
via
1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
x-clacks-overhead
GNU Terry Pratchett
accept-charset
utf-8
x-adswizz-request-id
3ebaae86-a786-4c73-af4f-fa8dbbf32d2a
x-amz-cf-pop
IAD12-P3
x-cache
Miss from cloudfront
p3p
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
access-control-allow-origin
*
content-type
application/x-javascript
content-length
62
x-amz-cf-id
6HQ11fcj2VitVVhWAG8GuufoNQBhF_jPyhm3NyXN--G73hAQcurtcQ==
x-application-context
application:production
cookie
sync.cootlogix.com/api/ Frame A2A2
Redirect Chain
  • https://cs.media.net/cksync?cs=30&type=vdz&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dmedianet%26userId%3D%3Cvsid%3E%26gdpr%3D0%26gdpr_c...
  • https://sync.cootlogix.com/api/cookie?partnerId=medianet&userId=3480347936485244000V10&gdpr=0&gdpr_consent=&us_privacy=
43 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=medianet&userId=3480347936485244000V10&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Server
68.183.118.170 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:56 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:56 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://sync.cootlogix.com/api/cookie?partnerId=medianet&userId=3480347936485244000V10&gdpr=0&gdpr_consent=&us_privacy=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 12 Jan 2024 04:19:56 GMT
occ
ups.analytics.yahoo.com/ups/58576/ Frame A2A2 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58576/occ?gdpr=0&gdpr_consent=
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
x.serverbid.com/ Frame AB69 		35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=5573&dpui=c8d4d1b2-32bf-4d3d-9c42-91c7aff3488b
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:57 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
usync.js
eus.rubiconproject.com/ Frame 26A6 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
321678e1f17ac5afc3954c253dfaab53514a793e0e659616c4165a6535776abb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 04:19:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 14:26:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36368
Connection
keep-alive
Content-Length
10963
Expires
Fri, 12 Jan 2024 14:26:06 GMT
usync.js
eus.rubiconproject.com/ Frame 79DE 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
321678e1f17ac5afc3954c253dfaab53514a793e0e659616c4165a6535776abb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 04:19:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 14:26:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36368
Connection
keep-alive
Content-Length
10963
Expires
Fri, 12 Jan 2024 14:26:06 GMT
rtset
bh.contextweb.com/bh/ Frame 3209
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=bjdiUzBwNGgzZ2NHU2JCd1lDTm5FUQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEMhwuyfH-HGkNXcSqCCI6UI&google_cver=1
49 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEMhwuyfH-HGkNXcSqCCI6UI&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-psv2m
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEMhwuyfH-HGkNXcSqCCI6UI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 3209
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=765a471eeb142404&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABpbu-rDqfxQMn5YfLAAAAAAA&expiration=1705119598&nuid=&is_secure=true&gdpr_consent=&gdpr=0
49 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABpbu-rDqfxQMn5YfLAAAAAAA&expiration=1705119598&nuid=&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-psv2m
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:58 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABpbu-rDqfxQMn5YfLAAAAAAA&expiration=1705119598&nuid=&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3209 		0
0
ecm3
s.amazon-adsystem.com/ Frame 3209 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=00bw2j7lAzLn&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PEJ4B3KXC53NMSADS7V7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame E8FF 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
321678e1f17ac5afc3954c253dfaab53514a793e0e659616c4165a6535776abb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 04:19:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 14:26:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36368
Connection
keep-alive
Content-Length
10963
Expires
Fri, 12 Jan 2024 14:26:06 GMT
usync.js
eus.rubiconproject.com/ Frame 4ACE 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
321678e1f17ac5afc3954c253dfaab53514a793e0e659616c4165a6535776abb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 04:19:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 14:26:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36368
Connection
keep-alive
Content-Length
10963
Expires
Fri, 12 Jan 2024 14:26:06 GMT
usync.js
eus.rubiconproject.com/ Frame 003C 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
321678e1f17ac5afc3954c253dfaab53514a793e0e659616c4165a6535776abb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 04:19:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 14:26:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36368
Connection
keep-alive
Content-Length
10963
Expires
Fri, 12 Jan 2024 14:26:06 GMT
khaos.json
token.rubiconproject.com/ Frame 26A6 		7 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
1537ef2fe96d186f089f142283d9817a
Expires
0
khaos.json
token.rubiconproject.com/ Frame E8FF 		7 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
1537ef2fe96d186f089f142283d9817a
Expires
0
khaos.json
token.rubiconproject.com/ Frame 4ACE 		7 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
1537ef2fe96d186f089f142283d9817a
Expires
0
khaos.json
token.rubiconproject.com/ Frame 003C 		7 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
1537ef2fe96d186f089f142283d9817a
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 26A6
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LRA4QL3V-1C-G3X1
  • https://s.amazon-adsystem.com/ecm3?id=LRA4QL3V-1C-G3X1&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRA4QL3V-1C-G3X1&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BDJ0FPMXZDHDSE63DKMB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRA4QL3V-1C-G3X1&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Expires
0
cs
cs.yellowblue.io/ Frame E8FF
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LRA4QL3V-1C-G3X1
  • https://cs.yellowblue.io/cs?aid=11590&id=LRA4QL3V-1C-G3X1
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LRA4QL3V-1C-G3X1
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:58 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LRA4QL3V-1C-G3X1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
cookie
sync.cootlogix.com/api/ Frame 4ACE
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=vidazoo&khaos=LRA4QL3V-1C-G3X1
  • https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRA4QL3V-1C-G3X1
43 B
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRA4QL3V-1C-G3X1
Requested by
Host: vast.gg
URL: https://vast.gg/
Protocol
H2
Server
68.183.118.170 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:58 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRA4QL3V-1C-G3X1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Expires
0
usersync
usersync.gumgum.com/ Frame 003C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LRA4QL3V-1C-G3X1
  • https://usersync.gumgum.com/usersync?b=mag&i=LRA4QL3V-1C-G3X1
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LRA4QL3V-1C-G3X1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 04:20:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LRA4QL3V-1C-G3X1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 26A6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=eed2eaaf-00bb-4420-a928-2f23eaabab2e&gdpr=0&gdpr_consent=&expires=30
42 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=eed2eaaf-00bb-4420-a928-2f23eaabab2e&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a414d61fde5a538d1bc5c621aec59518
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=eed2eaaf-00bb-4420-a928-2f23eaabab2e&gdpr=0&gdpr_consent=&expires=30
date
Fri, 12 Jan 2024 04:19:58 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 26A6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/C0eLUKAcxVlY9-kEHDzpAMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YsSYTS1E2oJEMMTTqchmw8fQFPMczwPwpfNXLA--~A
42 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YsSYTS1E2oJEMMTTqchmw8fQFPMczwPwpfNXLA--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 12 Jan 2024 04:19:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YsSYTS1E2oJEMMTTqchmw8fQFPMczwPwpfNXLA--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 26A6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LRA4QL3V-1C-G3X1&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRA4QL3V-1C-G3X1&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
65RXY380WKQ1S3WN25MM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRA4QL3V-1C-G3X1&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 26A6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=z8pNaR1aRACOYC1ZioArsw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=z8pNaR1aRACOYC1ZioArsw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=z8pNaR1aRACOYC1ZioArsw
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6V6MZ1JJVDGW0N76RXXN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=z8pNaR1aRACOYC1ZioArsw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 26A6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRA4QL3V-1C-G3X1
0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRA4QL3V-1C-G3X1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:59 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 8B1CEF93D445401191D0674092F555EE Ref B: EWR311000103027 Ref C: 2024-01-12T04:19:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOt/o0wGOVHe1qMy5Gpw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRA4QL3V-1C-G3X1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1537ef2fe96d186f089f142283d9817a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 26A6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN_f3cssY_mritjN0ssy5lw&google_cver=1
42 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN_f3cssY_mritjN0ssy5lw&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a414d61fde5a538d1bc5c621aec59518
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN_f3cssY_mritjN0ssy5lw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 26A6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJBNFFMM1YtMUMtRzNYMQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJRx3h4vK1ANfJR1cw58lVQ&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJBNFFMM1YtMUMtRzNYMQ==&google_push=
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJBNFFMM1YtMUMtRzNYMQ==&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJBNFFMM1YtMUMtRzNYMQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 26A6 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:19:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WCKYVS4A6HTM53CKG2CP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 26A6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWNiOTIxNmExYWVjOGY4ZGI0ZGZkMDA3MDkxYzRiYmFjZDQ1NTY4ZQ
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWNiOTIxNmExYWVjOGY4ZGI0ZGZkMDA3MDkxYzRiYmFjZDQ1NTY4ZQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWNiOTIxNmExYWVjOGY4ZGI0ZGZkMDA3MDkxYzRiYmFjZDQ1NTY4ZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1537ef2fe96d186f089f142283d9817a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 26A6
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADb_E7LQXwAABY0dGhijw&expires=30
42 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADb_E7LQXwAABY0dGhijw&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADb_E7LQXwAABY0dGhijw&expires=30
Date
Fri, 12 Jan 2024 04:19:59 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 26A6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRA4QL3V-1C-G3X1
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRA4QL3V-1C-G3X1
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRA4QL3V-1C-G3X1&ckls=true&ci=tRjQZ1OcCP&nc=false&trid=1508001413
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRA4QL3V-1C-G3X1&ckls=true&ci=tRjQZ1OcCP&nc=false&trid=1508001413
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.249.39.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-79.iad89.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:20:00 GMT
via
1.1 5c91d033409cd7607633594f94b09064.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
COrkcQl0zX8UrXJpncsU-6FCFZ_mMEn-3rFiPCm1epelZUUpFWsJaA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:20:00 GMT
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRA4QL3V-1C-G3X1&ckls=true&ci=tRjQZ1OcCP&nc=false&trid=1508001413
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
ov1iOT_uahRfN0EKoooMiFgWtHh0IQKYCgZxZC2JyH_C5-l8m-79uA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 26A6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRA4QL3V-1C-G3X1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRA4QL3V-1C-G3X1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 04:19:58 GMT
an-x-request-uuid
e11db0c0-b0a1-4d24-8f97-1e1edc8ea755
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.80.244; 185.213.80.244; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRA4QL3V-1C-G3X1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a414d61fde5a538d1bc5c621aec59518
Expires
0
v1
match.sharethrough.com/sync/ Frame 26A6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRA4QL3V-1C-G3X1
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRA4QL3V-1C-G3X1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
52.70.20.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-20-227.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:58 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRA4QL3V-1C-G3X1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a414d61fde5a538d1bc5c621aec59518
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 26A6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LRA4QL3V-1C-G3X1
0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LRA4QL3V-1C-G3X1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:58 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LRA4QL3V-1C-G3X1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
sync
ups.analytics.yahoo.com/ups/58160/ Frame 26A6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRA4QL3V-1C-G3X1&redir=true
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRA4QL3V-1C-G3X1&redir=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 04:19:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRA4QL3V-1C-G3X1&redir=true
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1537ef2fe96d186f089f142283d9817a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 26A6
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=669f2a22-ad84-4d32-b222-24f3df3b6be0&expires=30
42 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=669f2a22-ad84-4d32-b222-24f3df3b6be0&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_rx_n-MediaNet_n-Beeswax_smrt_n-adYouLike_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_ppt_n-baidu_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=669f2a22-ad84-4d32-b222-24f3df3b6be0&expires=30
Date
Fri, 12 Jan 2024 04:19:59 GMT
Connection
keep-alive
X-CI-RTID
acccbeb8-42bb-49b9-9bf8-0a13d1539ebc
Content-Length
144
Content-Type
text/html; charset=utf-8
log
c21lg-d.media.net/ Frame A120 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=9fe2fdeb-1bf1-49e0-9ac3-98b31346dc7d&cs=15&vsid=3480347936485244000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C157%2C2028%2C159%2C2026%2C117%2C437%2C97%2C99%2C56%2C59%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.48.28 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 04:20:01 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 12 Jan 2024 04:20:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb.minutemedia-prebid.com
URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Domain
s.seedtag.com
URL
https://s.seedtag.com/c/hb/bid
Domain
e.serverbid.com
URL
https://e.serverbid.com/api/v2
Domain
hb.minutemedia-prebid.com
URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Domain
hb.minutemedia-prebid.com
URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.ids.js
Domain
hb.minutemedia-prebid.com
URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Domain
trace.mediago.io
URL
https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
Domain
ssbsync-us.smartadserver.com
URL
https://ssbsync-us.smartadserver.com/api/sync?callerId=2
Domain
sync-amz.ads.yieldmo.com
URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/a674c7068c2b67ccfd0052a9d505c59c.js?tag=leadgen/frosmoth_text
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/d0c418fd7c3c9b1fa25e4b07b8f8ee33.js?tag=pingback
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/load_preloaded_resource_fy2021.js
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/e9e356ec41155b008235c83648cb19be.js?tag=exit_2019
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/abg_lite_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/window_focus_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/qs_click_protection_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Domain
www.gstatic.com
URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Domain
www.gstatic.com
URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
Domain
hb.minutemedia-prebid.com
URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22137834e4c8140e08%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2C22526796173%2FGYT5QM%2FGYT5QM-DDA.B%23anchor-2%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fvast.gg%2F&s=ae467eb5-089a-4ae1-a316-7dca3748b1c1&pv=792586a7-1753-4306-b7d4-393f93c8cf7e&vp=desktop&lib_name=prebid&lib_v=8.12.0&us=5&iqid=%7B%22pcid%22%3A%2296d60d56-5c40-4f5d-aa7c-c971189bdbf4%22%2C%22pcidDate%22%3A1705033189605%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22f72f045e-47b4-4c51-ae2f-271c88851057%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22vast.gg%22%2C%22publisher%22%3A%7B%22domain%22%3A%22vast.gg%22%7D%2C%22page%22%3A%22https%3A%2F%2Fvast.gg%2F%22%2C%22ref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22cat%22%3A%5B%22680%22%2C%22684%22%5D%2C%22cattax%22%3A6%2C%22id%22%3A%22e5288ed7-6884-417e-b256-dc21cdb46f76%22%2C%22mobile%22%3A0%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22ip%22%3A%22185.213.80.244%22%2C%22city%22%3A%22Montreal%22%2C%22region%22%3A%22QC%22%2C%22country%22%3A%22CA%22%2C%22lat%22%3A45.5075%2C%22lon%22%3A-73.5887%2C%22type%22%3A2%2C%22accuracy%22%3A20%2C%22ipservice%22%3A3%2C%22metro%22%3A%22%22%2C%22zip%22%3A%22H3H%22%2C%22tz%22%3A%22America%2FToronto%22%2C%22utcoffset%22%3A240%7D%2C%22devicetype%22%3A2%2C%22js%22%3A1%2C%22langb%22%3A%22en-US%22%2C%22ip%22%3A%22185.213.80.244%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22e5288ed7-6884-417e-b256-dc21cdb46f76%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f0600f6c-8b9b-4af5-bc92-56ef42c2b000%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/window_focus_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/qs_click_protection_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/window_focus_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/qs_click_protection_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/simgad/17693960660995302098/14763004658117789537?w=400&h=209&tw=1&q=75
Domain
s.uuidksinc.net
URL
https://s.uuidksinc.net/match/47/?remote_uid=CAESEOo8MFrPDc6ODsHMSkPwSXw&c_param1=AXcoOmSQ9ekeeo6YPqrE4RcQGY5uealUDEYkW43XAw93PyNv9T9sWevu696_v9XGZ5a1iIza1xl1Y8Es7mMFc3eot6p5OQMhb1U&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/window_focus_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/qs_click_protection_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/window_focus_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/qs_click_protection_fy2021.js
Domain
s.uuidksinc.net
URL
https://s.uuidksinc.net/match/47/?remote_uid=CAESEGY1RR4vqdT0hT0F3QIu-G4&c_param1=AXcoOmSqm9E8ZZDz8V0tyOUohdOqdpo9wHwk1qaOvOOfQPUYE33_0n8CQQv7r6hjcBGlMtzgww-CrbQans3WJzcRObs-XFcNZXg&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1458
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Domain
sync.a-mo.net
URL
https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CqgBSgd2YXN0LmdnUgthYXMtNGEyYmY5N1oIcGJhMS4zLjNqB3Zhc3QuZ2f6AQY4LjEyLjDoAgGIA-X7gq0GqAMW6gMkNWE1NjAyOTctMzJmZi00NThmLThkNDQtZjQyMDAxZDJlNTFiqgQDRENIsgUDVVNE0gUJMTA1MTk5NTM02AUB4AUB6gUHZGVza3RvcPoFBGRjMTOqBwN3ZWLKBwd2YXN0Lmdn4AcB
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/sync?
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/um/ixmatch.html
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
rtb.gumgum.com
URL
https://rtb.gumgum.com/usersync?b=pln&i=pxYgtILVabaK&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

222 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| documentPictureInPicture function| gtag object| dataLayer object| _wpemojiSettings object| $MMT undefined| $ function| jQuery object| ajax_var function| epcl_toggle_mobile_menu function| loadCSS object| Pace function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| AOS object| StickySidebar function| ClipboardJS string| c object| homepage object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaGlobal object| twemoji object| wp function| xDomainCookie function| confiantWrap object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| apstag object| ifvisible object| googletag object| _aps object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| confiant boolean| apstagLOADED boolean| creativeVendorLibraryLoaded object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| plObj object| ID5 object| __id5_instances object| __uid2SecureSignalProvider object| __uid2 boolean| isPxlSent object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| signal_decrypted function| clearImmediate function| setImmediate object| atsdropmatchpixelmodule object| atsdetectionmodule object| atsenvelopemodule object| ats

178 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARD6Fg
.t.co/ Name: muc
Value: 3283e83a-8198-47ca-89bf-6bfedf6ed0fa
.t.co/ Name: muc_ads
Value: 3283e83a-8198-47ca-89bf-6bfedf6ed0fa
.vast.gg/ Name: _ga_NFGQ7Q0YK7
Value: GS1.1.1705033189.1.0.1705033189.60.0.0
.vast.gg/ Name: _ga
Value: GA1.1.680730703.1705033189
vast.gg/ Name: session
Value: eb828732-7474-47c2-b42b-fcaa21afd078
.adnxs.com/ Name: icu
Value: ChgI6t1tEAoYASABKAEw5fuCrQY4AUABSAEQ5fuCrQYYAA..
.adnxs.com/ Name: uuid2
Value: 1554685320975062049
.go.sonobi.com/ Name: _usd_vast.gg
Value: 792586a7-1753-4306-b7d4-393f93c8cf7e
.go.sonobi.com/ Name: __uih
Value: 1
.omnitagjs.com/ Name: ayl_visitor
Value: 2d87db8b95783bc6c08947e63a42ca46
.a-mo.net/ Name: amuid2
Value: 14c21e96-f05d-4650-ad1b-516bfb787c08
.prebid.a-mo.net/ Name: sd_amuid2
Value: 14c21e96-f05d-4650-ad1b-516bfb787c08
.go.sonobi.com/ Name: __uis
Value: a2678b8e-9fce-4097-86c7-f4ca3f6adeb2
.gumgum.com/ Name: cs
Value: true
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.gumgum.com/ Name: vst
Value: u_ac3e278b-a86d-4c4c-b4a7-51172b398120
.rubiconproject.com/ Name: khaos
Value: LRA4QL3V-1C-G3X1
.openx.net/ Name: i
Value: 603e6050-f807-40a4-9589-96e24b4c6cee|1705033190
.openx.net/ Name: pd
Value: v2|1705033190|vMgavPkWgy
.adsrvr.org/ Name: TDID
Value: eed2eaaf-00bb-4420-a928-2f23eaabab2e
.openx.net/ Name: univ_id
Value: 537072971|eed2eaaf-00bb-4420-a928-2f23eaabab2e|1705033190633815
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A1n3mEaiW0bum8RmBxFO77I
.casalemedia.com/ Name: CMID
Value: ZaC95o6bVgJB-YJxFA.I2gAA
.casalemedia.com/ Name: CMPS
Value: 3568
.casalemedia.com/ Name: CMPRO
Value: 3568
.serverbid.com/ Name: CONSUMABLEID
Value: c2b325e9be294aa2b325e9be29caa28f
.yellowblue.io/ Name: wrvUserID
Value: eq17Kox-kp_s
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnXwHFG-CBfg0CJ9R_cHU45Q_JIUNwu7toCPRDr_xOmB6pnPKqIGr2Z_gz9JQC4TM1
.33across.com/ Name: 33x_ps
Value: u%3D212417877639277%3As1%3D1705033191215%3Ats%3D1705033191215
.prebid.a-mo.net/ Name: __amc
Value: 3_1705033189_1705033191
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 4444335064546968693
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 5aca31be57ab1fa6aa0848ea4a9df027
.csync.loopme.me/ Name: viewer_token
Value: 33f75148-604f-4b7e-ae80-c7bb10e57a4b
.vast.gg/ Name: _cc_id
Value: 5aca31be57ab1fa6aa0848ea4a9df027
.vast.gg/ Name: panoramaId_expiry
Value: 1705119591398
.bidr.io/ Name: bito
Value: AADb_E7LQXwAABY0dGhijw
.bidr.io/ Name: bitoIsSecure
Value: ok
.liadm.com/ Name: lidid
Value: de64b988-35ec-403e-92f1-0be73d07ab77
.doubleclick.net/ Name: IDE
Value: AHWqTUlj0Hnykz9QdjXurCnDuX_ZL5xfUcn6WdOZDaJrgL7hSZcqF6Q5jpYNOvOO3CA
.vast.gg/ Name: __gads
Value: ID=1880a64b7770ceb8:T=1705033190:RT=1705033190:S=ALNI_MaYJ7PFSql7p0OSfgAXegn4yExPwA
.vast.gg/ Name: __gpi
Value: UID=00000a072fdb5070:T=1705033190:RT=1705033190:S=ALNI_MY5ivB5SJZYEHAstXSQrtZN1CTTmQ
.sharethrough.com/ Name: stx_user_id
Value: ed3394ac-5bdb-449b-80e4-c99d400a69af
.yieldmo.com/ Name: yieldmo_id
Value: VEzY7ccQQYc9EKbeQsR2%7C1705017600000%7C0
.rezync.com/ Name: zync-uuid
Value: f4867bc9-585e-4cc3-96db-9c572d611471:1705033192.3103857
.teads.tv/ Name: tt_viewer
Value: 9c2d979a-5558-4a88-9911-58175650ba9c
.media.net/ Name: data-ris
Value: {{APID}}~~25
.zemanta.com/ Name: zuid
Value: VroS-ap-kEY3jeE8vPTy
.pangle-ads.com/ Name: _pangle
Value: 2aq5IvOXFi2ZWrSE2C25ZM82TRg
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOwiAMANC79HuYllIKXGZxgAnRoRnzx2V3d58veQfMn7qt9177DmnfvnWC_GqXBqQDRvut9QkJbMCowt4iBlVSHxnOCUYdo7373Mp1Hi54XXI0EqQalzOb6MtiYha1xRM5pUSKgswU7Y0JOYjC-QeuZyVP.ZaC96A.ZrtcOaIuw3Dn3FKOpgi3P1Kf4i8
vast.gg/ Name: _lr_sampling_rate
Value: 100
.mxptint.net/ Name: mxpim
Value: R35CA5_10F27B076_AF27ACBD.1.65A0BDE9
vast.gg/ Name: _lr_geo_location_state
Value: QC
vast.gg/ Name: _lr_geo_location
Value: CA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjY3srQwMDc1MjIxsjA2NzE2MBTiM9TVLfV2Mo6s8CmwiKwCAErcZoolAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12dTMy9Lf0K3fz9zVyDDD0KTQus0i19AUAPsCBKB4AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjY3srQwMDc1MjIxsjA2NzE2MBTiM9TVLfV2Mo6s8CmwiKwCAErcZoolAAAA
vast.gg/ Name: _lr_retry_request
Value: true
vast.gg/ Name: _lr_env_src_ats
Value: false
vast.gg/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22eed2eaaf-00bb-4420-a928-2f23eaabab2e%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-12T04%3A19%3A53%22%7D
vast.gg/ Name: pbjs-unifiedid_cst
Value: zix7LPQsHA%3D%3D
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA12dTMy9Lf0K3fz9zVyDDD0KTQus0i19A3iNTQ3MDUwNja0NDYzM3_FiMpfJYrENzcyBwBM6lieTQAAAA
.ads.yieldmo.com/ Name: re_sync
Value: pp%3D1184890%7Cunl%3D1184890%7Cpub%3D1184890%7Cdv360%3D1184890%7Can%3D1184890
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
sync-dmp.mobtrakk.com/ Name: pid
Value: NmQ4MjQzMGRlZGJiODFhNg
.ads.yieldmo.com/ Name: ptran
Value: 1554685320975062049
.media.net/ Name: data-ze
Value: VroS-ap-kEY3jeE8vPTy~~1
.media.net/ Name: visitor-id
Value: 3480347936485244000V10
.media.net/ Name: data-ttd
Value: eed2eaaf-00bb-4420-a928-2f23eaabab2e~~1
.media.net/ Name: data-g
Value: CAESEKYfeX4pDclM-e_y3Da8pRE~~8
.creativecdn.com/ Name: u
Value: ewDRYq2HJtYLbUBG0rYS
.creativecdn.com/ Name: g
Value: ewDRYq2HJtYLbUBG0rYS_1705033193991
.id5-sync.com/ Name: id5
Value: f078efca-eac6-7828-964f-5ecbb737ffa3#1705033193285#3
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.criteo.com/ Name: uid
Value: 9ad03db6-bb24-49f4-98de-4d60dda1ceaa
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
.media.net/ Name: data-c
Value: 9ad03db6-bb24-49f4-98de-4d60dda1ceaa~~1
.media.net/ Name: data-c-ts
Value: 1705033194
.media.net/ Name: data-co
Value: AAACl1FifVNUKwMUpsmEAAAAAAA~~8
.media.net/ Name: data-rbh
Value: s0hGJT2UhZxkdz_RIUaYOqtQMLtoxVNdAMhx-d0beh0~~1
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 139579535140053721
.go.sonobi.com/ Name: __uin_zt
Value: 3729807522428374301
.go.sonobi.com/ Name: __uir_rh
Value: 139579535140053721
.go.sonobi.com/ Name: __uin_rh
Value: s0hGJT2UhZxkdz_RIUaYOqtQMLtoxVNdAMhx-d0beh0
.go.sonobi.com/ Name: __uir_td
Value: 139579535140053721
.go.sonobi.com/ Name: __uin_td
Value: eed2eaaf-00bb-4420-a928-2f23eaabab2e
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3
.ads.stickyadstv.com/ Name: UID
Value: d6ea2a11daebb01cf2226fafa973dca7
.tapad.com/ Name: TapAd_TS
Value: 1705033194862
.tapad.com/ Name: TapAd_DID
Value: b864f3c7-a81f-4837-ab77-1c63f50731ac
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.w55c.net/ Name: wfivefivec
Value: APufUREr1Ro91o5
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!292
.w55c.net/ Name: matchmedianet
Value: 5
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.pubmatic.com/ Name: pi
Value: 158355:3
.media.net/ Name: data-xu
Value: APufUREr1Ro91o5~~8
.cootlogix.com/ Name: vdz_sync
Value: 40af93a1-9d3b-661d-ff27-41b1f2b6a904
.cootlogix.com/ Name: vdzj1_3646a4db
Value: FOY13QD7D9U1jvNyi5KmZHJUshXw8EPVtTbnNyBHNcZANYRH9BWFAzJgYgCmAEXhR%2FG14XfWYCIgpgAg8QeB1eAWV1VHQJZAYOFStOClFzaBVyC2VQWEB5SQtQMiZRJgBiBF5BeE5ZVDVmG2YPZwAPRHtOCg01clN9D2ECU0Z%2BSFgMYCIVGRV3UgUDIA1LD2FoFSNdJUNITDVbAEYUERV%2BXzRdGRNiWw5RITYVfhtlE0ZUKR0ZRxIrWTdcO0VITGxbRRckN2c2UCNQCQ9sQ0sXLGgVN1wmQgMZIFtTFzB8DyBdbAAJWy1MWwJ8dFZ2XXgDXRAqVFhQN3cGIFpmVF5CfltFFzIrWSpcNkUDGSAwDRdrZgF3DjAHX0J4HQxWM3wFIA1gA1lAKEkPDXNoFS1KHFcYFyMcSw8lNkIhRA%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBFakT1HPo7MAJFa5GFHIpM&KRTB&23025-CAESEBFakT1HPo7MAJFa5GFHIpM&KRTB&23386-CAESEBFakT1HPo7MAJFa5GFHIpM
.pubmatic.com/ Name: SyncRTB3
Value: 1706227200%3A220_21_13
.rlcdn.com/ Name: rlas3
Value: S9T/ozwd8qE/IJu8SENlNId6bXNGZf6npQeYLGtsU6A=
.cootlogix.com/ Name: vdzh5_c48e34a9
Value: H8p11UCPBbACNvqnLmEjLQwuISdUS0w0cWZ1WiN7K1tICDYmfXZSeHRjTkcNYm42dgEgcChAEAowIWJgHw%3D%3D
.rlcdn.com/ Name: pxrc
Value: COv7gq0GEgUI6AcQAA==
.simpli.fi/ Name: suid
Value: 07538226E2854BA2B957AF03051E2636
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:07538226E2854BA2B957AF03051E2636&KRTB&23486-uid:07538226E2854BA2B957AF03051E2636&KRTB&23489-uid:07538226E2854BA2B957AF03051E2636&KRTB&23539-uid:07538226E2854BA2B957AF03051E2636
.pubmatic.com/ Name: PugT
Value: 1705033194
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.yahoo.com/ Name: A3
Value: d=AQABBOu9oGUCEFZEGxqHjV_uPmeJCuImnogFEgEBAQEPomWqZQAAAAAA_eMAAA&S=AQAAAmwJVp2tUMZPeTn0U4eu08I
.adswizz.com/ Name: OAID
Value: dc537698536b9310e4bcb76350a9f261
.quantserve.com/ Name: d
Value: EEMBCQHxKoEA
.quantserve.com/ Name: mc
Value: 65a0bdeb-91cd8-346bd-1764c
.demdex.net/ Name: demdex
Value: 09791734693780724871694617154076024508
.dpm.demdex.net/ Name: dpm
Value: 09791734693780724871694617154076024508
.creativecdn.com/ Name: ts
Value: 1705033195
.smartadserver.com/ Name: pid
Value: 1138234130041471926
.cootlogix.com/ Name: vdzh5_7c6778a6
Value: 2o214DfFVe3i4AsfcyQP0QrMwFaCFokB0RZW2JwXnZlUQRQB3dHXlZLZXBWdmYzAlkWPA%3D%3D
.socdm.com/ Name: SOC
Value: ZaC97MCo5tIAAFlcHykAAAAA
.pubmatic.com/ Name: SPugT
Value: 1705033195
.adingo.jp/ Name: ID
Value: 5c2706b8679c7315b36d158e4439434f
.semasio.net/ Name: SEUNCY
Value: 318D3361E203BB5
.360yield.com/ Name: tuuid
Value: 3e4611d2-74d1-4e2f-a1d4-c465f8432b93
.360yield.com/ Name: tuuid_lu
Value: 1705033196
.id5-sync.com/ Name: 3pi
Value: 112#1705033196722#1893343488#318D3361E203BB5|434#1705033194588#1125882333|2#1705033195952#1520313439#1554685320975062049|1221#1705033196896#827096705|264#1705033193527#2107851573#eed2eaaf-00bb-4420-a928-2f23eaabab2e|441#1705033195810#1802755341#u_ac3e278b-a86d-4c4c-b4a7-51172b398120|108#1705033196896#-1486799179|429#1705033196408#1036865575#B6E0004C-6B68-4FB7-8DE0-E205EC60FBB3
.bidswitch.net/ Name: tuuid
Value: 80b49e7e-aef2-470e-b5aa-bdb73b648c1b
.bidswitch.net/ Name: c
Value: 1705033196
.mfadsrvr.com/ Name: tuuid
Value: 411b3279-7dd5-4485-9a44-8c76490cd352
.mfadsrvr.com/ Name: c
Value: 1705033197
.mfadsrvr.com/ Name: tuuid_lu
Value: 1705033197
.bidswitch.net/ Name: tuuid_lu
Value: 1705033197
.mfadsrvr.com/ Name: ssh
Value: !medianet,1705033197
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-17dda897-ae9b-56aa-5fa3-2e4775a0b93c.UhepisYHsp92ZmIhoQbPu0EK4MGzFiOtxKbM7MOPoNc
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-17dda897-ae9b-56aa-5fa3-2e4775a0b93c.UhepisYHsp92ZmIhoQbPu0EK4MGzFiOtxKbM7MOPoNc
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AF92ol66bVqpfoy5HdaC5PLnVUPQ.0bdmtT0XkzTmFcCkpGP0PjPIqPV1gyp%2BU51DGvEf2nA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AF92ol66bVqpfoy5HdaC5PLnVUPQ.0bdmtT0XkzTmFcCkpGP0PjPIqPV1gyp%2BU51DGvEf2nA
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJTvqkvZ7wMPjuFKOi93GY-FO2eNmkXAtXBOvnL4z2vmEHwYBCDt-4KtBjABOgRvD7diQgRyj1Zj.ximwJMJtB4ZQhsb4kGxn27soMFOab7bndvOdgcNzuso
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJTvqkvZ7wMPjuFKOi93GY-FO2eNmkXAtXBOvnL4z2vmEHwYBCDt-4KtBjABOgRvD7diQgRyj1Zj.ximwJMJtB4ZQhsb4kGxn27soMFOab7bndvOdgcNzuso
.media.net/ Name: data-mf
Value: 411b3279-7dd5-4485-9a44-8c76490cd352~~1
beacon.lynx.cognitivlabs.com/ Name: UID
Value: a82421e8-1f2d-4ea2-a45d-a8e729c22cda
beacon.lynx.cognitivlabs.com/ Name: ss
Value: fGqg5lJWSfKt87qaaYOrDhV0rNK9om425QtPTxsmTbsP2b0SgK7mncHXiubxRlZ7XOeIwooMV27hew45R81tlg%3D%3D
.send.microad.jp/ Name: TR
Value: 732a23d5646a4987250c01759f7b113949e757c9b7e95ae7
.go.sonobi.com/ Name: __uir_st
Value: 139579548024955612
.go.sonobi.com/ Name: __uin_st
Value: F92ol66bVqpfoy5HdaC5PLnVUPQ
.go.sonobi.com/ Name: HAPLB8G
Value: s86184|ZaC98
.prebid.a-mo.net/ Name: _sv3_14
Value: 1
.a-mx.com/ Name: amdt_t
Value: p::1705033197629
.a-mx.com/ Name: amuid2
Value: 14c21e96-f05d-4650-ad1b-516bfb787c08
.contextweb.com/ Name: V
Value: 00bw2j7lAzLn
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: bd7b1be2c49f4cfb
.dotomi.com/ Name: DotomiTest
Value: 765a471eeb142404
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1p2n|2N.0.AAABpbu-rDqfxQMn5YfLAAAAAAA|4is.0.CAESEMhwuyfH-HGkNXcSqCCI6UI|7TZ.0.1
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIvvqPmfjLyTwQBRIUCgV0YXBhZBILCNTBr7L4y8k8EAUSFgoHcnViaWNvbhILCISgg9b4y8k8EAUYASABKAIyCwicloaDj8zJPBAFOAFaB3J1Ymljb25gAg..
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.cootlogix.com/ Name: vdzh5_62eab693
Value: TUc11RweaeB8FwcHKVUXFAcrWykZQXJwOzcgURN0dSFOeRFaIlI9cxo7
.cootlogix.com/ Name: vdzh5_11f967df
Value: PqF127HO35MOCCDisTGo6QFA%2FBidhfktKVnB%2BBFd%2Bem4gdAwRGn4pUlZgdiEmc0RCVHF9B1YodyB7dQ9RSg%3D%3D
.adnxs.com/ Name: XANDR_PANID
Value: 0cqq49A7_eqft2k_3RSb6VoRmVaK3CmYQH5SG-UAu4DkiegosRLaRZSJjG70EveSKgectzmewg6lFlEv_5PNWuc5R4-PCVccLqeIB-KcrWs.
.adnxs.com/ Name: anj
Value: dTM7k!M40]D>6NRF']wIg2E?^Ll@:+!A#FF.TOKKnyW<U1`VROYQM-:C_vb6LC/rHBC^UsFor%S_'bjd=#QkwmgDsB/X%W#.wLP*6:R^]a0155-+0OdR8OeLWX[gN/:Jg791CX)@'s>ThbF90
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxSQTRRTDNWLTFDLUczWDEiLCJleHBpcmVzIjoiMjAyNC0wNC0xMVQwNDoxOTo1OFoifX0sImJpcnRoZGF5IjoiMjAyNC0wMS0xMlQwNDoxOTo1OFoifQ==
.ipredictive.com/ Name: cu
Value: 669f2a22-ad84-4d32-b222-24f3df3b6be0|1705033199003
.ads.yieldmo.com/ Name: ptrpp
Value: 00bw2j7lAzLn
.mediago.io/ Name: __mguid_
Value: acc8ce73e02e8bfc24ucc500lra4qsoh
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22E80B9DFC-9731-44C1-1699-42FE44E31571%22%7D
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcLRJ6rRVFtEsbcmtjngIWAIaZSMhbiE+0+fZ6+yhEVzgScLYLVifcHd4HEYI5ehIrV49icLuphaRLKpUjWTmmg0
.linkedin.com/ Name: bcookie
Value: "v=2&e861f29e-725d-493d-8f3a-291d8057d8e4"
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2738:u=1:x=1:i=1705033199:t=1705119599:v=2:sig=AQG1Qc_qya3y0Y6rZAzNRtKh3x3AYdxA"
.primis.tech/ Name: csuuid
Value: 65a0bdefe4947
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: tRjQZ1OcCP
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVMTdSWTJo
.intentiq.com/ Name: IQPData
Value: 3117764852#1705033200419#0#1705033200419
.intentiq.com/ Name: intentIQCDate
Value: 1705033200421

6 Console Messages

Source Level URL
Text
violation error URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=2876264517&adv=12410607&buy=30748971&cid=207503594&pid=384621254&ok=ok(Line 33)
Message:
Permissions policy violation: accelerometer is not allowed in this document.
javascript warning URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=2876264517&adv=12410607&buy=30748971&cid=207503594&pid=384621254&ok=ok(Line 33)
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
violation error URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=2085379033&adv=12410607&buy=30748971&cid=207503594&pid=384621254&ok=ok(Line 33)
Message:
Permissions policy violation: accelerometer is not allowed in this document.
javascript warning URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=2085379033&adv=12410607&buy=30748971&cid=207503594&pid=384621254&ok=ok(Line 33)
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
violation error URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=2277160852&adv=12410607&buy=30748971&cid=207503594&pid=384621254&ok=ok(Line 33)
Message:
Permissions policy violation: accelerometer is not allowed in this document.
javascript warning URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=2277160852&adv=12410607&buy=30748971&cid=207503594&pid=384621254&ok=ok(Line 33)
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9cf89b1f15dd1566385dc7627ffa94e3.safeframe.googlesyndication.com
a.c.appier.net
a.rfihub.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.doubleclick.net
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
ads.yieldmo.com
aep.mxptint.net
aid.send.microad.jp
analytics.google.com
analytics.pangle-ads.com
ap.lijit.com
apex.go.sonobi.com
api.id5-sync.com
api.rlcdn.com
ats-wrapper.privacymanager.io
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c21lg-d.media.net
cc.adingo.jp
cdn.adswizz.com
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
check.analytics.rlcdn.com
client.aps.amazon-adsystem.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
contextual.media.net
creativecdn.com
cs-server-s2s.yellowblue.io
cs.media.net
cs.yellowblue.io
csync.loopme.me
ctxtfl.com
delivery-cdn-cf.adswizz.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
gtrace.mediago.io
gum.criteo.com
hb-api.omnitagjs.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imps.monu.delivery
invstatic101.creativecdn.com
js-sec.indexww.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
live.primis.tech
live.rezync.com
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
medianet-match.dotomi.com
monu.delivery
monumetric.technoratimedia.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.cootlogix.com
prebid.media.net
protected-by.clarium.io
pulsepoint-match.dotomi.com
px.ads.linkedin.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.seedtag.com
s.uuidksinc.net
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
services.ctxtfl.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-dmp.mobtrakk.com
sync.1rx.io
sync.a-mo.net
sync.colossusssp.com
sync.cootlogix.com
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.teads.tv
sync1.intentiq.com
synchrobox.adswizz.com
synchroscript.deliveryengine.adswizz.com
t.co
tags.crwdcntrl.net
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vast.gg
visitor.omnitagjs.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.temu.com
x.bidswitch.net
x.serverbid.com
ads.pubmatic.com
apex.go.sonobi.com
api.rlcdn.com
cdn.jsdelivr.net
e.serverbid.com
eb2.3lift.com
hb.minutemedia-prebid.com
js-sec.indexww.com
match.deepintent.com
pixel-sync.sitescout.com
rtb.gumgum.com
s.ad.smaato.net
s.seedtag.com
s.uuidksinc.net
ssbsync-us.smartadserver.com
static.criteo.net
sync-amz.ads.yieldmo.com
sync.1rx.io
sync.a-mo.net
tpc.googlesyndication.com
trace.mediago.io
www.gstatic.com
104.18.36.155
104.21.56.203
104.22.52.86
104.244.42.197
104.36.115.111
104.36.115.113
13.107.42.14
13.249.39.79
13.249.42.27
13.32.151.21
13.32.151.42
13.32.151.98
131.153.242.59
147.28.129.140
15.197.193.217
150.136.25.38
159.89.246.130
162.19.138.116
162.19.138.119
162.19.138.82
162.248.18.34
172.105.199.172
172.217.13.102
172.217.13.110
172.217.13.130
172.217.13.131
172.217.13.138
172.217.13.161
172.217.13.162
172.217.13.163
172.217.13.168
172.217.13.196
172.217.13.198
172.217.13.98
172.240.155.84
172.253.63.154
172.64.144.166
172.64.98.35
172.64.99.35
178.128.132.116
18.160.10.101
18.160.10.111
18.160.18.34
18.160.46.56
18.165.98.63
18.215.86.100
18.235.40.85
184.31.48.28
185.167.164.39
185.184.8.90
192.0.73.2
192.132.33.69
192.184.68.254
195.244.31.11
198.148.27.131
199.38.167.131
20.237.30.240
202.233.84.1
211.120.53.205
23.105.12.143
23.32.172.185
23.44.201.182
23.56.162.28
23.56.163.106
23.56.163.154
23.62.10.28
3.162.114.30
3.213.53.144
3.217.134.136
34.102.146.192
34.111.113.62
34.120.107.143
34.120.63.153
34.149.50.64
34.196.72.246
34.197.228.249
34.200.65.202
34.203.113.223
34.206.181.88
34.233.0.32
34.242.96.184
34.96.70.87
34.98.64.218
35.186.236.140
35.190.0.66
35.190.39.111
35.207.24.140
35.208.249.213
35.211.178.172
35.214.221.128
35.227.252.103
35.236.220.17
35.244.154.8
35.244.159.8
37.157.5.84
38.68.201.140
44.216.133.79
45.79.246.226
5.161.188.99
50.17.123.198
50.57.31.206
51.222.239.230
52.46.143.56
52.70.20.227
52.85.132.15
52.85.132.55
52.85.151.34
52.85.151.82
54.146.35.99
54.147.5.36
54.156.16.64
54.158.172.237
54.227.205.3
54.87.127.173
63.251.28.134
63.251.86.50
64.202.112.255
67.202.105.21
67.220.228.202
68.183.118.170
68.67.179.166
69.166.1.32
69.166.1.35
69.173.151.100
74.119.119.139
74.119.119.150
75.101.132.149
8.18.45.105
8.28.7.82
8.28.7.83
8.43.72.113
8.43.72.97
8.43.72.98
99.84.191.112
99.84.208.59
99.84.222.71
047ebd266737a8fb7124914c27cbdaa069d413d8f4595e0892ededfc752f0cf6
048c5a42f99a76a85c9376dd9496ad46da974f58d084bdf9263f17eaf9a88f5d
04ab5c6045b956e0a133c7f687c0456131c83939f6b75b173ca83e61e63557d2
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
054c778c4da7412d5ce98b248f627d9e1ce597af114771751604b7021e18e636
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0897325e1d07c5116d1e2470382253289b3c6e7ce6334d2799e173f3f852e009
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0ab2e1b9729b261652bae7801dd8dc316ee0b0b9a38612fd36ea419a4fcd11d4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09f8c52e2557da7ade85e2c3dd7275a2699e10bf742366fcda7a847202d2f0
0c8ce5097738b07d1fa9aa91b81629b3835c67e4dc4f0513e119f9d100ae7ced
0fae61fcc92f8ef2bfe7e6c812c8abe6fda5cba455b23b1259096b2de3732988
0ff4773243842179e9431d578745abf5be2a905e550fd74c1240f6e7bd6c03f5
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2
110c42aa3f51e956a76f6a8bec4fd20f43bc189f0fb068e66b1ffdaacd2295e0
1129a368cae4aa0b6519bc65697997fb7be015bbedf33f33eafe4bf7f3afe51f
13cf02edd3fac53b90f6ccaf1000c596ab2796f24176e4c96ffdd0e360301eec
14102223f7010cd0019bba8b6ce3cf99f81ef50b881ab687ed72c0fe5eb203a4
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
165260f9689bedc24dea87433b2e8cd8f3136d59fdb3672d1e1da3752cab0550
188fe25f12453c64120ceb65b95e0ba613a1ea707811de628b5e50902733e825
191f6247d603a830b3e62d296c70055d915036e043f4295aae2f7b57f4996f8d
1fae1248e7527a1d7aa15012f124f7e8ff9b5d59c0b738931487d0384a6a467d
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
217e374fae2a2855c51a7c79da717b2c1465290622622f2cfc4a7fb9736adaf9
22aee4da6f68f6ff5247936ff54352743f3c1174e3c6f302975f26bddae490ff
23513f85be4f125afb96b9196354bcd7a918853024330eb2084c211cbca859fd
24331bbdf40c95e911c59ea6beb4dea06c862b129605ad6f06f845fc1f0f059e
2636f57eecbdf126dfa0f81f899f2fc71f6fd9bc0c2797318a0b14fd6c4f31d0
26d5d8381823437c3d6fe6bb4db1ff2efffa6d8244038285a06d046764214f42
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
2990801076ede7de13bd385134e54292ce79c3f7aa497b586f1c0578f7280aca
2aa25a19729df7b573f42c20a108d4ec213403df5ac193414f02f35887e7017c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b70d5f158ad9fb8db0a1c335114075558d819212c80ce6d0aca87c348afb174
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2db33cc2dcd1bc2d9d27622ef671a2fd012b65f89b10667db73bff1b80ef7dae
2feed399fc94cace0e35e30057a08db2e67f73b100df53876af4b1cdf90dd9de
321678e1f17ac5afc3954c253dfaab53514a793e0e659616c4165a6535776abb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
358aa69a1175fb7738c0dc56eafc4733c64bc5b7a4d4309f361f00b32f6ee93f
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
3769f83ec48014805a45267923d3cef678b901076764347233351e5b1b3f3d9e
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
3b3378d93a2eee7a78889eca31f8f851f4ebdab270055d187b9aeca61701bc92
3ca1f9b3c589fd67524db2b33b34df38febf66ef2a21eacfc4d54ad8b59c120b
3d5982410bd5a8c058505849bd7d872cd1a1cc4c1d8c2eb3bef3d2c269e54bb1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
411494e01716b5f3b65c3ca699ebd43dfe28de24e0b670af0d6604f185691f2e
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42f5540f8ac207564ea7f41b96ba8aef84119ac1668bfa7fe4287262d86193d4
44417d92e38dacd0f068be3573781204179275c0f9f85e852843eb6eb0889ab4
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
466bdc99a90439cf86dc4b1adfe1c1a3f9a6fa7eeaa7be9d04f963bda6d8f4fa
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d76bb696d322837021d7610530a36b31951fa0cc400b97c3da03601e71f500
478fb37e3f4b04b822b10afc9307d6e66ef0a037190ad28bebb8db3756feb6e5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492fc009da1427fe6fedc1f5a65d4f7c8bee3453c342c810e751a6549099ff47
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9f18c4ea5f23262f40f2eea21769a855ad2c486ec5da02818c5b1a1b0436ab
4bf828301822f58d940049d9d813711a192418e2e839e473d1d6d241960b4855
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e53319396727526d8fd5dc0d08b3edd788786a8669e8b9991f464ab1b3023bc
4e6ee3a660e14eda56fc4ec4bc845220a52ce5cbb9c44c164e7e881a46b49bc9
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
578defb1706fefb42fefb5b2c776919bcf128c3bb263ddb0712adc53c0e41e9d
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5f5e46d3c495f28b880fcac560de23397293f568f592f72088996c47531e7d9c
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
602e076e1e79d412ef41da62a731354d51b6e58af267dec060b09b85f5935236
6063859869845d6483206ca381b5b546cc2a043c11698153ce2aa32d73394cc2
613f3920a4ba756f81d8b573f0d2408fd7679e78ffdd88c8df5331548d581959
619a04a94887e1578c745f8374a167979caf79f46bfbe9023d9ddf3fcea568b3
6279dfc2219d1b2702c0940c21fcddd29c753d972757395b709616233f18808f
6298af9bdb719636795a47796a4a78c198c3c0c6c02fa46fee3d6ac1d2f89211
6343356bb1b36e7b34994fdb3293f4e426c360cd35bda51a639d551a5f569b06
673c59be0ecfee7073c75ffd5030f8f3462a38e452b541abff96644b15b58b4f
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
684586e6772ee02828185ad005ffaf74fda242faf446b3107c68f0aff86ecef9
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bcf776ca3e30c858e1a71fb9a2f1b186d7035c7892ab87552c7a8866cd661bf
6f965f88ba9825b60816db6654ed01c124c92fed5ffcd8a92963598a432e5cdf
701d6ca0911d2c00e93663fb1653f5aacc08b2ada41f469221552b8c6a59d4c2
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
72ba6aa53b1963aebde9dd57d0eaea5424074cd8a0dad023f3896c7b34cf7294
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
741b05a3ef21927de2e9b1ee468c81d55a50ce666835c963786085a607b3aef3
7961acbb656b2aaac090336a023b3348d164cb40a29f99b4622fc494b221e579
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79e510ba39e5709c9919e6d155d41c45882c581e60c51fd5c2a4111d8bb71753
7a03e4413a20d56938a865bf3d1adb366545e9a2477556cc0b41a2d79d8e4f5d
7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7bb7cdd4e8984c5982cd002e0178375c3d93772014dd750e0699ce692e4696ce
7c66b6d27d1b19170b63ab49294609853d2f3a77c334d3b70bb4d59250d413db
7d28504ebc3cd1f4055abbf772fe34dd0a444ba807f5d80542338b057afbaead
7d6a50fffc98c121920d8577cd8c405b8a02a0345cafbfc2ba5dd470e62c8079
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8201aa245826638d0306fa5ba95c361a406aee9ea0fb5383b4c3797cbe7d2d82
86518e5e9324e8b31ebcfe703b92b7c8a951bb75e83007c589e4b5e3f19c656b
8692876130dfb184903eaa05b62938cbd8be6a4deed7a85cb48c26f4a190bad3
8695084c68da240d812f845f2f37f2f560fda0eb79c0240104cbba715d631ef4
8703cb3dfb157154ae3eea0a4829192f88e1fd4b7cf14197e9d901120cafa383
871a21fef8c5364e4b77bb908cffa4cc9ce8d264c638970ad23116c1d47ab3e1
8936a6938f2dc15cb1bab8b433e906b86cb94cdc559de5a580e6eb434749b79e
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
90ea1714028a7a7ed28f6023dcb420125e780381a802cf424fef5ccb82c285b1
90faab7fa347962bc4534c2aa36891408f153ae01bc910377ead2ea1a8d22141
9229ce97168b9fad80cccb0bb2fe7b0b301fcf902b50b78924af7e1f22f584b1
92788c6e7d760efa26e3c188e8fe242f4f62918d7b995e6f1e77c71f4bda1f2e
9409f9daa466f7e69a607048e917d37893088a9c17fb2d8027557823ceff3bc1
97b53eae34b187915eacef88c433919a80cfd52458db594f7ad7b873f9c42819
97bf3ab0390799744352ddbf5d60e19ba9e9040c7d09da8468506e8067443353
97e94eacf5d2a8bd57a2f14026ae8fa2aa252569d65bbbf5e0855b5c5bda0dfd
99ac861149f29d4c77a457a8037f4404424c39c29d54ae301d930dd29f6b41fe
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bb233cd524e0309ac603684d665b5d3b30eefe8297f483c1f40a74cacbbd0bd
9d97f3ee2068d15af10b21cc31ff81a1f2861d46bb4811a1b3692b0540b694e8
9e928c5743b5777aa817daa10c011209c042a7feb7577525c2fa250c14fda32f
9f1cae0422e02df6c70f6c381319aec5861eca291e82fb14182f68f4555c7b90
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09b148e617bcb963e704ddbb86bd4f8e710c5f8bec69b15b2d89313db98c291
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a688f331b963b0214605000f50f1513a929c1be0fec2f6203902cc5b45eb4f1a
a885ab369eb4d2e32514a7d276fbfcbfcce13c053f01c3524b60461082cae0dc
a97eff482d0edb326f716e6bddc28773a28a6d6869efa22b1ab423d0de323571
a99ae169810120105c5c0b2812d6a4a8c2fc36030b7e8cd4a17be7c5e669f9ca
a9f66d205f7a63db598d796d9a0b758e3d3d7a16c1345671d5f342f87da4a2ae
ab685c3c71fa770524de722fadfa61021debdaf0c7678e24a4ee113779bf7f21
ac88d5594067b271d13ab8e8b1ade7b699e84e0ca3c4957e05eae59499e4f97c
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2230514e38f734bcd701ef95f5ab4f9c8e21317ca3f714c898d4c0398cbf829
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b4edcfba76c9864b84a58936829e2fb9dbbaed7df2f064a3f7039e0cde279c52
b52f81c3d54febedfac6ccfdddfd58e70925e42dfacbc5193a38d4b00816f892
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
b822256d90dbf2bc6e89e4dc5e2ef9cde3d76ed199b3a28effe98c4864a5fba9
ba8451f39b0887dfff955335e5bf9007d350bf5c2d9f5ef697e07275ecbc331a
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bf92b4f3441334f72ed74b12356b4b9cf585c7140724dd7274cc0ea76c6de2c0
c047631cfa8c1091a5346d84b9927d4dcb26d987895e03f32c747e7dfc266402
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c39da705be2fc19414a2bac8523825e83e839bc81994f6d5d186c2e437a5f0e7
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c54b209f45e149431545e42174dbb522b188a2aa892f0b97e426f4fd3e931cd5
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
c7513afc284ce0720e7f9a2c4b6e99d4839b334e8e2087ae912134d77a828edf
c914836f4c8aedbb1bcb4e21a6e92578df99e9dfb8e7533e1609da8693a0b794
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb875e87ed4562b91c030a38551185a7592e570c5721a89581788f32af654f30
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf15bbf4c9adccb509fcfed144241655b0d396b6d2cda6b8c63724f40ced540f
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d13067db4d0855823e530e1f3d3e20be24a2b820dfe4eeb3d47c757ae9da39fe
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d46c70efcb50745e70f757e589f472b17d715c426f8eae71bbd8b1e30d4b4e7f
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9e6566e0df97e52ec6703453d4e4674fcc912d6f20a3eb4504d14910db4c98a
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898
df4dc08a1cba26d8f07249b81a79951643128babe0a7a39e6fed51442b43d9ff
df64afd1621395a39699e165ffa0d9613a03399c49f621b8c7770fcd24016a46
e136212b0a09cd9749081c9cff9854921ad1f4a8ebd7d84bee563c000ed132b5
e16f9d1e6903989b5ac31359c426715e958a4504ada16b32d50d5839a6be81dc
e27f8d7e1816a913c812dd24a385090c8e78f560df5d54744c446083a6cf0643
e2fdf8dc183e5593742f5eefae23e30a8217dd99c395b3aed04a01f6c1abbeb9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
e4ab52caaa9e7e1c45e0844b92e139865d1d41eb47c9f5b45b148a550763e606
e714d34c5534ade85ab7c329944c975299ba5e3a89d6e38b585da08581253f75
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8d9271049469cc1d8f8a263abfdbd1f6e4c566495b192dcff36e272ad28f671
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed5cd39e40395c9b7329b084b9c1c3b4d605c12b4d6c5e5a38c0ca0588c18330
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ee0004548e9a288ee74ca03ef03df7a7959490b994895c1b02df8939c677c01e
eee46911d5233c3785905d83915f70de6e1af9333ba495a9f15ebdb86b568a3e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef32964843f93376df3deee2dc29570bb98f9df7f46ad258416e17bff4db3cca
f1930518fbc6c947251079335ae1aed2b0fc7f65f7285d85929603e21aedb999
f2088dde33a0d2d2a0d6ab03ea72a8c9001989b4d4ee9a3bd71db08d8f9a4c2f
f380492617b3682dd24cfcce7819c5c9774b6191a86df94705e69ca76b74daa4
f3c70949250ae056777c4355adc5b9f915097af80ce54660e779b3f0e62cd912
f3e24149c8fcab3dd66de5cc2e3fc60de98c8fe95b1ef587983e2f9ea0144cd4
f4265a764bc056a666e879f04b12e5e27e3b74f1228ea95f29ec099e3c03b265
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
f63c6fcbbff01739456f2e2b506b0cba7948176a1957c592f862620a07a73473
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
fab296cab94da7d89bf87ad39af82557f7a61fba99b2e2e7c5b3e29705e7fd01
fb502d2699fa1cc395b0490349ddfe62598a52ad2889b3e1f6418328ddd4075d
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76
fd6723b8bbe92c15e18929286fe011894f8ef9acc7837c54bd2b04420b3fbff6
fd79d39bc5e9e5d6898da2b2cf9cdc96da75a6489620de005eacedc1a3376a8c
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322