us.my-vps.ml Open in urlscan Pro
107.182.22.203 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://us.my-vps.ml/
Effective URL:
https://us.my-vps.ml/
Submission: On March 18 via manual (March 18th 2021, 4:49:18 pm UTC) from US

Summary HTTP 190 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 57 IPs in 7 countries across 52 domains to perform 190 HTTP transactions. The main IP is 107.182.22.203, located in Los Angeles, United States and belongs to IT7NET, CA. The main domain is us.my-vps.ml.
TLS certificate: Issued by R3 on February 20th 2021. Valid for: 3 months.

This is the only time us.my-vps.ml was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	107.182.22.203 107.182.22.203	25820 (IT7NET) (IT7NET)
2 6	88.221.221.73 88.221.221.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	2a04:4e42:1b:... 2a04:4e42:1b::731	54113 (FASTLY) (FASTLY)
5	72.247.225.32 72.247.225.32	16625 (AKAMAI-AS) (AKAMAI-AS)
3	13.226.158.204 13.226.158.204	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	95.100.70.75 95.100.70.75	16625 (AKAMAI-AS) (AKAMAI-AS)
3	184.86.103.203 184.86.103.203	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 3	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1	104.85.251.43 104.85.251.43	16625 (AKAMAI-AS) (AKAMAI-AS)
3 6	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
2	104.107.160.24 104.107.160.24	16625 (AKAMAI-AS) (AKAMAI-AS)
4	52.17.141.216 52.17.141.216	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
5	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
5	213.19.162.61 213.19.162.61	3356 (LEVEL3) (LEVEL3)
1	3.227.115.231 3.227.115.231	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	54.171.45.143 54.171.45.143	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	54.227.217.126 54.227.217.126	14618 (AMAZON-AES) (AMAZON-AES)
1	172.227.98.16 172.227.98.16	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
1	104.108.41.56 104.108.41.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4 8	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:46::19 2620:1ec:46::19	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
2	104.86.49.58 104.86.49.58	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1 13	52.215.241.211 52.215.241.211	16509 (AMAZON-02) (AMAZON-02)
1	208.100.17.171 208.100.17.171	32748 (STEADFAST) (STEADFAST)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2 2	216.52.2.48 216.52.2.48	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.126.158.103 3.126.158.103	16509 (AMAZON-02) (AMAZON-02)
3 4	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	52.0.219.4 52.0.219.4	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	34.196.207.72 34.196.207.72	14618 (AMAZON-AES) (AMAZON-AES)
1	193.122.128.135 193.122.128.135	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2 2	213.19.147.151 213.19.147.151	26120 (RHYTHMONE) (RHYTHMONE)
3 3	34.246.61.84 34.246.61.84	16509 (AMAZON-02) (AMAZON-02)
1 1	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.29.135.190 185.29.135.190	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.215.46 124.146.215.46	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
190	57

5 107.182.22.203 (Los Angeles, United States) 1 redirects

ASN25820 (IT7NET, CA)
PTR: 107.182.22.203.16clouds.com

us.my-vps.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 88.221.221.73 (Berlin, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a88-221-221-73.deploy.static.akamaitechnologies.com

zdstatic.speedtest.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.static.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a04:4e42:1b::731 (United States)

ASN54113 (FASTLY, US)

b.cdnst.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 72.247.225.32 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-32.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.158.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-204.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.70.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-70-75.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.86.103.203 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-203.deploy.static.akamaitechnologies.com

cdn.ziffstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.53.17 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.85.251.43 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-251-43.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.220.240 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.107.160.24 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-160-24.deploy.static.akamaitechnologies.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.17.141.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-141-216.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

ookla-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.227.115.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-115-231.compute-1.amazonaws.com

gurgle.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.171.45.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

83885d4b91803ffdce5e27b1aab8ad97.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.227.217.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

jogger.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.227.98.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a172-227-98-16.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.41.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-41-56.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::19 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.86.49.58 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.215.241.211 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.171 (United States)

ASN32748 (STEADFAST, US)
PTR: ip171.208-100-17.static.steadfastdns.net

pixel.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.158.103 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.31 (United States) 3 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.219.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-219-4.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.207.72 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-207-72.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.151 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.246.61.84 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-61-84.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.150 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.190 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.46 (Setagaya-ku, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com 83885d4b91803ffdce5e27b1aab8ad97.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	159 KB
20	ampproject.org cdn.ampproject.org	392 KB
16	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	150 KB
14	cdnst.net b.cdnst.net	1 MB
13	gumgum.com 1 redirects g2.gumgum.com rtb.gumgum.com	5 KB
10	google.com 4 redirects analytics.google.com adservice.google.com www.google.com	846 B
9	zdbb.net 1 redirects cdn.static.zdbb.net gurgle.zdbb.net zdbb.net jogger.zdbb.net	26 KB
8	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	14 KB
8	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com image6.pubmatic.com	129 KB
7	adnxs.com 3 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	22 KB
6	yahoo.com c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com	3 KB
5	servenobid.com ads.servenobid.com public.servenobid.com	5 KB
5	my-vps.ml 1 redirects us.my-vps.ml	47 KB
3	adsrvr.org 3 redirects match.adsrvr.org	2 KB
3	outbrain.com 2 redirects sync.outbrain.com	981 B
3	openx.net ookla-d.openx.net u.openx.net us-u.openx.net	440 B
3	google-analytics.com www.google-analytics.com	54 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	ziffstatic.com cdn.ziffstatic.com	32 KB
3	googletagservices.com www.googletagservices.com	83 KB
3	amazon-adsystem.com c.amazon-adsystem.com	35 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	699 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	1 KB
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	google.de www.google.de adservice.google.de	906 B
2	media.net prebid.media.net contextual.media.net	8 KB
2	casalemedia.com htlb.casalemedia.com ssum-sec.casalemedia.com	695 B
2	googletagmanager.com www.googletagmanager.com	106 KB
2	speedtest.net 1 redirects zdstatic.speedtest.net	11 KB
1	rfihub.com 1 redirects p.rfihub.com	751 B
1	socdm.com 1 redirects tg.socdm.com	686 B
1	emxdgt.com cs.emxdgt.com
1	mathtag.com 1 redirects sync.mathtag.com	836 B
1	contextweb.com 1 redirects bh.contextweb.com	382 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	585 B
1	zemanta.com 1 redirects b1sync.zemanta.com	690 B
1	technoratimedia.com sync.technoratimedia.com	293 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	stackadapt.com sync.srv.stackadapt.com	168 B
1	bidswitch.net x.bidswitch.net	146 B
1	onetag-sys.com onetag-sys.com	818 B
1	33across.com pixel.33across.com
1	indexww.com js-sec.indexww.com	1 KB
1	rlcdn.com api.rlcdn.com	219 B
1	bluekai.com stags.bluekai.com	338 B
1	krxd.net cdn.krxd.net	394 B
1	bkrtx.com tags.bkrtx.com	16 KB
1	taboola.com trc.taboola.com	328 B
1	evidon.com c.evidon.com	451 B
190	52

	Domain	Requested by
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net us.my-vps.ml cdn.ampproject.org tpc.googlesyndication.com
20	cdn.ampproject.org	securepubads.g.doubleclick.net
14	b.cdnst.net	us.my-vps.ml b.cdnst.net
12	rtb.gumgum.com	1 redirects g2.gumgum.com
10	securepubads.g.doubleclick.net	www.googletagservices.com b.cdnst.net securepubads.g.doubleclick.net us.my-vps.ml
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	www.google.com	4 redirects securepubads.g.doubleclick.net us.my-vps.ml
5	fastlane.rubiconproject.com	b.cdnst.net
5	c2shb.ssp.yahoo.com	b.cdnst.net
5	ib.adnxs.com	2 redirects b.cdnst.net acdn.adnxs.com
5	ads.pubmatic.com	us.my-vps.ml b.cdnst.net g2.gumgum.com ads.pubmatic.com
5	us.my-vps.ml	1 redirects us.my-vps.ml b.cdnst.net
4	googleads.g.doubleclick.net	us.my-vps.ml
4	ads.servenobid.com	b.cdnst.net public.servenobid.com g2.gumgum.com
4	cdn.static.zdbb.net	1 redirects us.my-vps.ml cdn.static.zdbb.net
3	match.adsrvr.org	3 redirects
3	sync.outbrain.com	2 redirects g2.gumgum.com
3	zdbb.net	cdn.static.zdbb.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com us.my-vps.ml
3	sb.scorecardresearch.com	1 redirects us.my-vps.ml www.googletagmanager.com
3	cdn.ziffstatic.com	zdstatic.speedtest.net cdn.ziffstatic.com
3	www.googletagservices.com	us.my-vps.ml securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	b.cdnst.net c.amazon-adsystem.com
2	sync-tm.everesttech.net	2 redirects
2	sync.1rx.io	2 redirects
2	image6.pubmatic.com	ads.pubmatic.com
2	ap.lijit.com	2 redirects
2	eus.rubiconproject.com	b.cdnst.net eus.rubiconproject.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	www.googletagmanager.com	us.my-vps.ml www.googletagmanager.com
2	zdstatic.speedtest.net	1 redirects us.my-vps.ml
1	token.rubiconproject.com	eus.rubiconproject.com
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	p.rfihub.com	1 redirects
1	tg.socdm.com	1 redirects
1	cs.emxdgt.com	g2.gumgum.com
1	cm.g.doubleclick.net	g2.gumgum.com
1	sync.mathtag.com	1 redirects
1	bh.contextweb.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	sync.technoratimedia.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	g2.gumgum.com
1	sync.srv.stackadapt.com	g2.gumgum.com
1	us-u.openx.net	g2.gumgum.com
1	x.bidswitch.net	g2.gumgum.com
1	secure.adnxs.com	1 redirects
1	ssum-sec.casalemedia.com	js-sec.indexww.com
1	onetag-sys.com	public.servenobid.com
1	pixel.33across.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	js-sec.indexww.com	b.cdnst.net
1	acdn.adnxs.com	b.cdnst.net
1	u.openx.net	b.cdnst.net
1	public.servenobid.com	b.cdnst.net
1	contextual.media.net	b.cdnst.net
1	api.rlcdn.com	ads.pubmatic.com
1	stags.bluekai.com	tags.bkrtx.com
1	cdn.krxd.net	cdn.static.zdbb.net
1	tags.bkrtx.com	cdn.static.zdbb.net
1	jogger.zdbb.net	cdn.static.zdbb.net
1	83885d4b91803ffdce5e27b1aab8ad97.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	us.my-vps.ml
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	gurgle.zdbb.net	cdn.static.zdbb.net
1	ookla-d.openx.net	b.cdnst.net
1	hbopenbid.pubmatic.com	b.cdnst.net
1	prebid.media.net	b.cdnst.net
1	htlb.casalemedia.com	b.cdnst.net
1	trc.taboola.com	us.my-vps.ml
1	c.evidon.com	zdstatic.speedtest.net
190	77

This site contains links to these domains. Also see Links.

Domain
downdetector.com
www.speedtest.net
www.ookla.com
www.microsoft.com
install.speedtest.net
twitter.com
www.facebook.com
single.speedtest.net
www.ziffdavis.com
www.ign.com
www.pcmag.com
www.extremetech.com
www.geek.com
www.toolbox.com
www.askmen.com
www.offers.com
status.ookla.com

Subject Issuer	Validity	Valid
*.my-ssh.ml R3	`2021-02-20` - `2021-05-21`	3 months	crt.sh
www.ziffdavis.com COMODO RSA Organization Validation Secure Server CA	`2021-03-03` - `2022-02-25`	a year	crt.sh
www.speedtest.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-02-03` - `2021-05-05`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.evidon.com DigiCert Secure Site ECC CA-1	`2020-04-29` - `2021-07-29`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
*.servenobid.com Amazon	`2021-02-12` - `2022-03-13`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-02-11` - `2021-08-03`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.zdbb.net Amazon	`2020-06-03` - `2021-07-03`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
zdbb.net Amazon	`2021-02-25` - `2022-03-26`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2020-02-28` - `2021-05-29`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
public.servenobid.com DigiCert SHA2 Secure Server CA	`2020-08-26` - `2021-08-25`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
onetag-sys.com R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.srv.stackadapt.com Amazon	`2020-12-09` - `2022-01-07`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://us.my-vps.ml/
Frame ID: C014EC426445A300BF822DBBC56C6302
Requests: 83 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Dus.my-vps.ml&phint=referer%3Dhttps%3A%2F%2Fus.my-vps.ml%2F&phint=bbseg%3D900002&phint=__bk_t%3DSpeedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&phint=__bk_k%3Dookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeed%20test%2Cbandwidth%20speed%20test%2Cinternet%20speed%20test%2Cbroadband%20speed%20test%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cip%20address%2Ctcp&phint=__bk_l%3Dhttps%3A%2F%2Fus.my-vps.ml%2F&phint=__bk_v%3D3.1.9&limit=10&r=77977208
Frame ID: 0D70367D7214DDCC0535B2A831E60EC9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 75316E4073730F3154DDE84B298647E0
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 6FF0D341068FDE71ACFCF235CB82555B
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 395C58F8F0CEA2C3D2FB351E97E31767
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst46tx-sIP7WvG8dIVk8J5hcXkDmUKu9NVus77AbKUbFzhu0lSF3G7OQ017pF7uJCu3EXqXbHCHDCO8EFPGGDBsT4aJVcpjrFAjs7pBYOd4ItP4a5beW1pS9Jq-yZz7xZ3US51hw43Eit97djwAqpxb4Q0RlNIp5X1H9m_4d0FCPEniY-GGYgExt74lU6aJj9T37v4QpivfIsz1bq3cwGndBKbhmXRih3Kz78D0LocQOMAydNt2H9kViloBSGAjMUhJ0fJ-GArSs8WDGsiZRHp7RxtBtXNYOwDbfe4lgFXpueHrSQNUAt1TA7o957s4xBLsQQ&sai=AMfl-YQypI1lBGurRH62Pz3EQQgsjtkU73teYViZPHT_YXk9lTZjKnVNu3BlBq9IFTz4J_MSu7TGjYrCNIZuhHKsp_w5AjarCx3NzjXYg1nmuXBDHTZbIXUetqgrOi0Q9UfH&sig=Cg0ArKJSzNYjegPI4Yp4EAE&adurl=
Frame ID: 71683EB278DA6828A0978B54A8DE8294
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 534A2344C20EC9EE611DA6ABC7B576D6
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 3A940B4903BE3E01D694CD31B49CB849
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUYEJ1S6&prvid=77&purpose1=1&gdprconsent=0&usp_status=1&usp_consent=1&itype=PREBID
Frame ID: AB170C8CCEB2A30DCB6215662ABB1E43
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&usp_consent=1YNY
Frame ID: 62E194C83E1E89D1CFB361693602E01B
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
Frame ID: 91EC66BE6CFFC75A5CFD6EB8491EBF92
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C472F844C2F90F8BCCD75C6FA50861DE
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 09866818AAA0A0D256DA493EC1BEFB40
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
Frame ID: 6C603CB762F325F296D91FB9EF8F7DDD
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 71369CB0D9E3D74C55C825119CC66F44
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Frame ID: B3CF97DE67685B4968D727F778A7BD02
Requests: 13 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D9963%26uid%3D33XUSERID33X
Frame ID: 828A6FD73446F6C3EB71F867C6DBB9C1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D7296%26uid%3D
Frame ID: 40E73D46E0FED14AFA5B67EB11F7435F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&d=https://us.my-vps.ml/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E087F320908C87AF36401833D2DDEE05
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=902c6053-8481-4100-9b3e-e10ee5ce1a4d&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA
Frame ID: 82DD4C1F1E869672262401AA07864150
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YFOEgQAAAInlsCrK&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&_test=YFOEgQAAAInlsCrK
Frame ID: 915206DB5B5182772013635356C36B70
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kMjFlZjgwNC00M2Y3LTQ0OTUtYmY4Ni00Mzc5ZDY1Y2RhNTk=&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA
Frame ID: ECDF2BF6637DA8A8F8F917C48442F1BB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA
Frame ID: 399D7575997E0EBF898203107DA193F6
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=7b5356b6-fe67-4fbb-a964-98cbaa8dc1bd&t=1618678146
Frame ID: 00FF4105A469C359C7D176AB1F2B2D29
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 011AFD3AB750FC5959089F647804FDF1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YFOEgsCo8XYAAPYHNoYAAAAA
Frame ID: BF6975E331BDC0EEACDBCAC36970B7E6
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1870471593589978445
Frame ID: 88B11165ACF040A9D2A267BC84F93258
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=GtwGPGnvCCECGUbYVvxu&pi=gumgum&tc=1
Frame ID: 0EAD32A9025DD594D456773BB7D47B44
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6B21D3C03B4BD35F08304B41FC933A36
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://us.my-vps.ml/ HTTP 308
https://us.my-vps.ml/ Page URL

Detected technologies

Go (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Caddy$/i

Caddy (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Caddy$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

190
Requests

99 %
HTTPS

27 %
IPv6

52
Domains

77
Subdomains

57
IPs

7
Countries

2690 kB
Transfer

7994 kB
Size

5
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://downdetector.com/enterprise/
Title: Downdetector Enterprise

Search URL Search Domain Scan URL

URL: https://www.speedtest.net/login
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.ookla.com/speedtest-servers
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/p/speedtest-by-ookla/9nblggh4z1jc

Search URL Search Domain Scan URL

URL: https://install.speedtest.net/app/windows/latest/speedtestbyookla_x64.msi
Title: 64-bit

Search URL Search Domain Scan URL

URL: https://install.speedtest.net/app/windows/latest/speedtestbyookla_x86.msi
Title: 32-bit

Search URL Search Domain Scan URL

URL: https://twitter.com/speedtest
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/speedtest
Title: Facebook

Search URL Search Domain Scan URL

URL: https://single.speedtest.net/
Title: Single Connection Test

Search URL Search Domain Scan URL

URL: https://www.ookla.com/enterprise
Title: Ookla® Solutions

Search URL Search Domain Scan URL

URL: https://www.ookla.com/partnerships
Title: Partnerships & Programs

Search URL Search Domain Scan URL

URL: https://downdetector.com/
Title: Downdetector®

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/cookie-policy
Title: Cookie Policy.

Search URL Search Domain Scan URL

URL: https://www.ookla.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.ookla.com/ookla-for-good
Title: Ookla for Good

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/
Title: Ziff Davis

Search URL Search Domain Scan URL

URL: https://www.ign.com/
Title: IGN

Search URL Search Domain Scan URL

URL: https://www.pcmag.com/
Title: PCMag

Search URL Search Domain Scan URL

URL: https://www.extremetech.com/
Title: ExtremeTech

Search URL Search Domain Scan URL

URL: https://www.geek.com/
Title: Geek

Search URL Search Domain Scan URL

URL: https://www.toolbox.com/
Title: Toolbox

Search URL Search Domain Scan URL

URL: https://www.askmen.com/
Title: AskMen

Search URL Search Domain Scan URL

URL: https://www.offers.com/
Title: Offers.com

Search URL Search Domain Scan URL

URL: https://status.ookla.com/
Title: Network Status

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://us.my-vps.ml/ HTTP 308
https://us.my-vps.ml/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://zdstatic.speedtest.net/jst/zdconsent.js HTTP 302
https://zdstatic.speedtest.net/jst/eu/zdconsent.js

Request Chain 20

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js HTTP 303
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Request Chain 21

https://sb.scorecardresearch.com/b?c1=2&c2=6036316&ns__t=1616086141278&ns_c=UTF-8&c8=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&c7=https%3A%2F%2Fus.my-vps.ml%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036316&ns__t=1616086141278&ns_c=UTF-8&c8=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&c7=https%3A%2F%2Fus.my-vps.ml%2F&c9=&cs_ak_ss=1

Request Chain 134

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 135

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 136

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 145

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 166

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D8187%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D8187%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&cbimg=8187&uid=4976781122728260662

Request Chain 167

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D1647%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D1647%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://ads.servenobid.com/sync?pid=310&cbimg=1647&uid=b82630c5ed0a64e90e40d95c

Request Chain 172

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=4976781122728260662

Request Chain 174

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%288ZqWmJk-Y4hLsjejypppcCgfWO7G05vKZgsAnTx_HGtjEpyII0198_7v8CB0PZBe%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%288ZqWmJk-Y4hLsjejypppcCgfWO7G05vKZgsAnTx_HGtjEpyII0198_7v8CB0PZBe%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_d21ef804-43f7-4495-bf86-4379d65cda59&obuid=ENC(8ZqWmJk-Y4hLsjejypppcCgfWO7G05vKZgsAnTx_HGtjEpyII0198_7v8CB0PZBe) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51

Request Chain 178

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=da36ce2f-8809-11eb-8894-fb4ff9ffa6b2

Request Chain 180

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d21ef804-43f7-4495-bf86-4379d65cda59&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY HTTP 302
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY

Request Chain 181

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5843787935 HTTP 302
https://sync.1rx.io/usersync/tradedesk/7b5356b6-fe67-4fbb-a964-98cbaa8dc1bd HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b01c2858-25f7-4d0c-bcb4-f0529462334e-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-b01c2858-25f7-4d0c-bcb4-f0529462334e-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-b01c2858-25f7-4d0c-bcb4-f0529462334e-003

Request Chain 182

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=LcXnzofzMND6&ev=1&pid=558355

Request Chain 184

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=902c6053-8481-4100-9b3e-e10ee5ce1a4d&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA

Request Chain 185

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&_test=YFOEgQAAAInlsCrK HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YFOEgQAAAInlsCrK&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&_test=YFOEgQAAAInlsCrK

Request Chain 188

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=7b5356b6-fe67-4fbb-a964-98cbaa8dc1bd&t=1618678146

Request Chain 190

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YFOEgsCo8XYAAPYHNoYAAAAA

Request Chain 191

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1870471593589978445

Request Chain 192

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=GtwGPGnvCCECGUbYVvxu&pi=gumgum&tc=1

190 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
us.my-vps.ml/
Redirect Chain

http://us.my-vps.ml/
https://us.my-vps.ml/

108 KB
32 KB

585ms
199ms

Document
text/html

107.182.22.203
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.my-vps.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.182.22.203 Los Angeles, United States, ASN25820 (IT7NET, CA),

Reverse DNS

107.182.22.203.16clouds.com

Software

Caddy /

Resource Hash

86e2edd0e015f395eb77e33fea944acdcf44fa4658b2e7f5ce8cab1c25c96228

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Frame-Options	DENY

Request headers

:method: GET
:authority: us.my-vps.ml
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
cache-control: private
content-encoding: gzip
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 18 Mar 2021 16:49:00 GMT
etag: W/"1b082-uVbilxvSh5GUkvKdIlqO5BZ900s"
server: Caddy
strict-transport-security: max-age=63072000
vary: Origin, Accept-Encoding
x-envoy-upstream-service-time: 20
x-frame-options: DENY
content-length: 32392

Redirect headers

Location: https://us.my-vps.ml/
Server: Caddy
Strict-Transport-Security: max-age=63072000
Date: Thu, 18 Mar 2021 16:48:59 GMT
Content-Length: 0

GET
H2

200

zdconsent.js Show response
zdstatic.speedtest.net/jst/eu/
Redirect Chain

https://zdstatic.speedtest.net/jst/zdconsent.js
https://zdstatic.speedtest.net/jst/eu/zdconsent.js

28 KB
11 KB

70ms
70ms

Script
application/javascript

88.221.221.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://zdstatic.speedtest.net/jst/eu/zdconsent.js
Requested by: Host: us.my-vps.ml
URL: https://us.my-vps.ml/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.221.73 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-221-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c85056e73398226f91328e405a0df1f9b26130e75a4caf62959c8da8774d20c8

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VJNgzVNklCSVqKjDlU5h0IpUWMWGjKUd
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 18:22:29 GMT
x-amz-request-id: HQ3703S3KRT2ZJXW
etag: "7fbaf9286c051676f3d76c94b8272a29"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Thu, 18 Mar 2021 16:49:00 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 10642
x-amz-id-2: YhO5fCKP1+33ABRsEJ1AzRqsiGJ1Ii6eZ+l+DZ7mkWym+ntKWrFI3ow5UEo+g6UIYDnTgC0UFwo=
expires: Fri, 19 Mar 2021 16:49:00 GMT

Redirect headers

location: https://zdstatic.speedtest.net/jst/eu/zdconsent.js
date: Thu, 18 Mar 2021 16:49:00 GMT
cache-control: max-age=86400
content-length: 0
expires: Fri, 19 Mar 2021 16:49:00 GMT

GET
H2 200 amazon.js Show response
b.cdnst.net/javascript/ 551 B
619 B 30ms
8ms Script
application/javascript 2a04:4e42:1b::731
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/javascript/amazon.js

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42:1b::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f983d992f18cc6a5024a1fb94062872c8c1c9ddd3d936289cfb01b720a0c03d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 18:30:15 GMT
x-frame-options: DENY
etag: W/"227-177df9b06d8"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
accept-ranges: bytes
content-length: 326
date: Thu, 18 Mar 2021 16:49:00 GMT

GET
H2 200 adsjs.js Show response
us.my-vps.ml/javascript/ 25 B
296 B 941ms
940ms Script
application/javascript 107.182.22.203
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.my-vps.ml/javascript/adsjs.js

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.182.22.203 Los Angeles, United States, ASN25820 (IT7NET, CA),

Reverse DNS

107.182.22.203.16clouds.com

Software

Caddy /

Resource Hash

32b0ffbdaf288de753cd11b89e702c4c5c140b7a86037c852ebc341ad99c5f47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
vary: Origin, Accept-Encoding
last-modified: Fri, 26 Feb 2021 18:30:15 GMT
server: Caddy
etag: W/"19-177df9b06d8"
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
date: Thu, 18 Mar 2021 16:49:01 GMT
x-envoy-upstream-service-time: 718
strict-transport-security: max-age=63072000
access-control-allow-credentials: true
content-length: 25

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159017/2865/ 271 KB
83 KB 218ms
91ms Script
text/javascript 72.247.225.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159017/2865/pwt.js
Requested by: Host: us.my-vps.ml
URL: https://us.my-vps.ml/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.32 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-32.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f35b2c57ab594885cbb05cbdc88d13a52d267baa14248c2b84e5dcc3064bd004

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:49:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 22:40:53 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "10e1230-43a34-5b2d6f8fd96d1"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=58305
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 84239
Expires: Fri, 19 Mar 2021 09:00:45 GMT

GET
H2 200 HCo_fonts.css
b.cdnst.net/fonts/ 144 KB
109 KB 26ms
9ms Stylesheet
text/css 2a04:4e42:1b::731
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/fonts/HCo_fonts.css

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42:1b::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a53537e14de571320c27235939e4eabba481cbddcb481e90683af387ffb74b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 18:30:14 GMT
x-frame-options: DENY
etag: W/"24005-177df9b02f0"
vary: Origin, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
accept-ranges: bytes
content-length: 111462
date: Thu, 18 Mar 2021 16:49:00 GMT

GET
H2 200 main.4c49c77b3f8005a13aac85073b58541e.css
b.cdnst.net/styles/ 152 KB
24 KB 25ms
9ms Stylesheet
text/css 2a04:4e42:1b::731
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/styles/main.4c49c77b3f8005a13aac85073b58541e.css

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42:1b::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

df2d59b23775b45d04ed528164febd07a0e6d1265726a85de577a038d46c7fe9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 18:30:15 GMT
x-frame-options: DENY
etag: W/"25e9a-177df9b06d8"
vary: Origin, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 24268
date: Thu, 18 Mar 2021 16:49:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 200ms
81ms Script
application/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/amazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:44:39 GMT
content-encoding: gzip
server: Server
age: 261
etag: d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id: atwf3Am29idjSMBJfIsFlGSndXsU69b9-F8HgJAaYlaJoHrru_xrvA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 58 KB
20 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a6a9f80d8c90e70e888ad70d3ddced62a123f41e4602ebd5d239ba6eb6360f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "815 / 619 of 1000 / last-modified: 1616065930"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19838
x-xss-protection: 0
expires: Thu, 18 Mar 2021 16:49:01 GMT

GET
H2 200 prebid.4.13.0.min.js Show response
b.cdnst.net/javascript/ 239 KB
76 KB 7ms
7ms Script
application/javascript 2a04:4e42:1b::731
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/javascript/prebid.4.13.0.min.js

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42:1b::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

43bbb4f1a4cf81b6a334b78598e1f96defcc45579b65a9c18c5aa2792aeea9f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 18:30:15 GMT
x-frame-options: DENY
etag: W/"3bcd9-177df9b06d8"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
accept-ranges: bytes
content-length: 77801
date: Thu, 18 Mar 2021 16:49:01 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 239 B
451 B 164ms
54ms Script
application/x-javascript 95.100.70.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: zdstatic.speedtest.net
URL: https://zdstatic.speedtest.net/jst/zdconsent.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.100.70.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-70-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a51c2175969551e059e024f78c1a57067d10a206930c85a73d8cd2c16d63b0c9

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:01 GMT
content-encoding: gzip
last-modified: Sat, 14 Mar 2020 23:48:07 GMT
server: AkamaiNetStorage
etag: "9528a3649233d0f80223cbdd99654066:1584229687.087086"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 165

GET
H2 200 evidon-sitenotice-bundle.js Show response
cdn.ziffstatic.com/sitenotice/ 210 KB
22 KB 179ms
49ms Script
application/javascript 184.86.103.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Requested by: Host: zdstatic.speedtest.net
URL: https://zdstatic.speedtest.net/jst/zdconsent.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 46b019ff39ebc25ff6beb67574cfbed22bb8d48c94c87d64d93ed21f003d9e39

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: oc5RKUL7fR8INOMEkXFo_gg2UhgiDdR2
content-encoding: gzip
last-modified: Wed, 17 Mar 2021 16:12:01 GMT
x-amz-request-id: 61DD6CAF80G6786X
etag: "fc328c42c0a217c176e9c359d9e550eb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Thu, 18 Mar 2021 16:49:01 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 22072
x-amz-id-2: sSGDqgrk0cydZWJYZ/OvN4/seyu/ecYGz5QHkUPyL6ou2IDV0zj2mxwAo93shkpSqpULBLYKbLw=
expires: Fri, 19 Mar 2021 16:49:01 GMT

GET
H2 403 settings.js
cdn.ziffstatic.com/sitenotice/660/my-vps/ 0
0 282ms
161ms Script
application/xml 184.86.103.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/sitenotice/660/my-vps/settings.js
Requested by: Host: zdstatic.speedtest.net
URL: https://zdstatic.speedtest.net/jst/zdconsent.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 873ms
758ms XHR
application/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
x-amz-cf-pop: DUS51-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 06 Mar 2021 01:32:40 GMT
server: AmazonS3
date: Thu, 18 Mar 2021 16:49:02 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-id: 3YWVNGCFeaL0dzQVGrgw6JONYlqU83Q6Oa54Kqh5bbMGCLkwzWrEOQ==

GET
H2 200 pubads_impl_2021031601.js Show response
securepubads.g.doubleclick.net/gpt/ 285 KB
101 KB 153ms
53ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 08:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102421
x-xss-protection: 0
expires: Thu, 18 Mar 2021 16:49:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
55 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3c16a2fc03364a14394cc34a3857526d37d1c0d10a82109aca93e2dfdf1ed88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56424
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Mar 2021 16:49:01 GMT

GET
DATA 200
OK truncated
/ 27 KB
27 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad0e541744f676604437a82dbb6da707498b427560f66770bbbf1cc9e0871130

Request headers

Origin: https://us.my-vps.ml
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 27 KB
27 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 862eff8a57590f8e85dd621b011f688df35f8efea22f441abedef959721cc979

Request headers

Origin: https://us.my-vps.ml
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 speedtest-main.js Show response
b.cdnst.net/javascript/ 3 MB
778 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::731
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/javascript/speedtest-main.js?v=c256aa200faab05c6c69093d49c73650

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42:1b::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0e99332578950ab9e8706a2315d9e930344eeaad4508f85aa41079b5e301ed8f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 18:34:42 GMT
x-frame-options: DENY
etag: W/"2d1994-177df9f19d0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 796015
date: Thu, 18 Mar 2021 16:49:01 GMT

GET gaugemono-regular-webfont.woff2
b.cdnst.net/fonts/ 0
0

GET gaugemono-regular-webfont.woff
b.cdnst.net/fonts/ 0
0

GET
H2

200

z0WVjCBSEeGLoxIxOQVEwQ.min.js Show response
cdn.static.zdbb.net/eu/js/
Redirect Chain

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

83 KB
24 KB

68ms
67ms

Script
application/javascript

88.221.221.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Requested by: Host: us.my-vps.ml
URL: https://us.my-vps.ml/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.221.73 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-221-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c22819eec511a6d5ecb08ae505defdd52ceb14f7a37e779f611ba8b172349648

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rkhGo52mIRugnnleXZrBWUx.32KKrayQ
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 14:58:00 GMT
x-amz-request-id: EBBC5FA25410E400
date: Thu, 18 Mar 2021 16:49:01 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 24046
x-amz-id-2: CqWQAtNjXCRscADzfIGvUOqvM7WXnEJyAg4sDcW2OBG66O85RIr33Vg/bB9fzMMHHmmfwyHLXoY=
expires: Fri, 19 Mar 2021 16:49:01 GMT

Redirect headers

location: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
date: Thu, 18 Mar 2021 16:49:01 GMT
cache-control: max-age=86400
core-eu: Yes
content-length: 0
expires: Fri, 19 Mar 2021 16:49:01 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036316&ns__t=1616086141278&ns_c=UTF-8&c8=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&c7=https%3A%2F%2Fus.my-vps.ml%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=6036316&ns__t=1616086141278&ns_c=UTF-8&c8=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&c7=https%3A%2F%2Fus.my-vps.ml%2F&c9=&cs_ak...

0
528 B

57ms
56ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036316&ns__t=1616086141278&ns_c=UTF-8&c8=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&c7=https%3A%2F%2Fus.my-vps.ml%2F&c9=&cs_ak_ss=1
Requested by: Host: us.my-vps.ml
URL: https://us.my-vps.ml/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 16:49:01 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036316&ns__t=1616086141278&ns_c=UTF-8&c8=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&c7=https%3A%2F%2Fus.my-vps.ml%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Thu, 18 Mar 2021 16:49:01 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
20 KB 126ms
70ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/speedtest-main.js?v=c256aa200faab05c6c69093d49c73650

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

d19626af7b59219bbf62f95f41403628590340cd66d60185302d18b7e9aaadc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "815 / 701 of 1000 / last-modified: 1616065824"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19840
x-xss-protection: 0
expires: Thu, 18 Mar 2021 16:49:01 GMT

GET
DATA 200
OK truncated
/ 27 KB
27 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d815893ea34e5805c4cfb5e497b666f690fa80a5153bb757437bf6bfd3abb47c

Request headers

Origin: https://us.my-vps.ml
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

427d3fe34ee483cd0eb45fec24cab02770f49e0b42840379c6c4a52e13019c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52347
x-xss-protection: 0
expires: Thu, 18 Mar 2021 16:49:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2786
date: Thu, 18 Mar 2021 16:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 18 Mar 2021 18:02:35 GMT

GET
H2 200 gauge-gradient-dl-multi-web.png
b.cdnst.net/images/ 77 KB
77 KB 10ms
8ms Image
image/png 2a04:4e42:1b::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-dl-multi-web.png

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42:1b::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32b79f49ad238f7718e7ba9aa4cbb32e74a8a11a8a32dbcfdbfa926228c783f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
last-modified: Fri, 26 Feb 2021 18:30:14 GMT
etag: W/"132c5-177df9b02f0"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 2
accept-ranges: bytes
content-length: 78533
date: Thu, 18 Mar 2021 16:49:01 GMT

GET
H2 200 gauge-gradient-ul-multi-web.png
b.cdnst.net/images/ 73 KB
73 KB 10ms
8ms Image
image/png 2a04:4e42:1b::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-ul-multi-web.png

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42:1b::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0d23c759f4302ff762012a6ff00cbd124858dd9b387ea06eafa727c5e726fd77

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
last-modified: Fri, 26 Feb 2021 18:30:14 GMT
etag: W/"12248-177df9b02f0"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 74312
date: Thu, 18 Mar 2021 16:49:01 GMT

GET
H2 200 gauge-gradient-dl-single-web.png
b.cdnst.net/images/ 61 KB
61 KB 9ms
7ms Image
image/png 2a04:4e42:1b::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-dl-single-web.png

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42:1b::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

53ef39c91fa4b4f2d68d15483dcd7a2bc4b089c954e7b5a6808c6560740c887f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
last-modified: Fri, 26 Feb 2021 18:30:14 GMT
etag: W/"f3d1-177df9b02f0"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 2
accept-ranges: bytes
content-length: 62417
date: Thu, 18 Mar 2021 16:49:01 GMT

GET
H2 200 gauge-gradient-ul-single-web.png
b.cdnst.net/images/ 64 KB
64 KB 9ms
7ms Image
image/png 2a04:4e42:1b::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-ul-single-web.png

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42:1b::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d3c3db2b5256d7c5fa7f2502e752ced784853fe0fdd01d8a219bd9e041a579c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
last-modified: Fri, 26 Feb 2021 18:30:14 GMT
etag: W/"ff47-177df9b02f0"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 65351
date: Thu, 18 Mar 2021 16:49:01 GMT

GET
H2 200 English_get-it-from-MS_InvariantCulture_Default.png
us.my-vps.ml/images/ 14 KB
14 KB 205ms
203ms Image
image/png 107.182.22.203
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.my-vps.ml/images/English_get-it-from-MS_InvariantCulture_Default.png

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.182.22.203 Los Angeles, United States, ASN25820 (IT7NET, CA),

Reverse DNS

107.182.22.203.16clouds.com

Software

Caddy /

Resource Hash

2e0da7b78f6365146f0889b05e139587016e6b5e2e1a8d778dbc3272ad0a6278

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
vary: Origin, Accept-Encoding
last-modified: Fri, 26 Feb 2021 18:30:14 GMT
server: Caddy
etag: W/"3879-177df9b02f0"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=86400
date: Thu, 18 Mar 2021 16:49:02 GMT
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000
access-control-allow-credentials: true

GET
H2 200 ad-free-125x101-fade-anim-1x.gif
b.cdnst.net/images/ 10 KB
10 KB 17ms
15ms Image
image/gif 2a04:4e42:1b::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/ad-free-125x101-fade-anim-1x.gif

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42:1b::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f30799e7ea5caddb7b79f074957baeaecccf1a31846993414008331c257d242

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
last-modified: Fri, 26 Feb 2021 18:30:14 GMT
etag: W/"266b-177df9b02f0"
x-frame-options: DENY
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 9835
date: Thu, 18 Mar 2021 16:49:01 GMT

GET
H2 200 icg_insights.svg
b.cdnst.net/images/ 1 KB
684 B 16ms
15ms Image
image/svg+xml 2a04:4e42:1b::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_insights.svg

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42:1b::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4d195a402297509314a9a38df1b8b94f627550aa13fc34aab675a749694e474e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 18:30:14 GMT
x-frame-options: DENY
etag: W/"490-177df9b02f0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 2
accept-ranges: bytes
content-length: 632
date: Thu, 18 Mar 2021 16:49:01 GMT

GET
H2 200 icg_globalindex.svg
b.cdnst.net/images/ 2 KB
906 B 16ms
14ms Image
image/svg+xml 2a04:4e42:1b::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_globalindex.svg

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42:1b::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e928fd56eb75f5909d953d76a6ec33742a0e9a8cda68205437fa2786b5386752

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 18:30:14 GMT
x-frame-options: DENY
etag: W/"80f-177df9b02f0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 854
date: Thu, 18 Mar 2021 16:49:01 GMT

GET
H2 200 icg_5g.svg
b.cdnst.net/images/ 2 KB
1 KB 16ms
14ms Image
image/svg+xml 2a04:4e42:1b::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_5g.svg

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42:1b::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f02165b5a4e05eceda936e58979a6f5befb2d879486d62f7c6e43060d5c920cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 18:30:14 GMT
x-frame-options: DENY
etag: W/"8e9-177df9b02f0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 1110
date: Thu, 18 Mar 2021 16:49:01 GMT

GET
H2 200 icg_enterprise.svg
b.cdnst.net/images/ 2 KB
563 B 15ms
14ms Image
image/svg+xml 2a04:4e42:1b::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_enterprise.svg

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42:1b::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

81f5051a7706193e4279d279605188a8af93b633d6255c6bb99007e8bca65c15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 18:30:14 GMT
x-frame-options: DENY
etag: W/"66c-177df9b02f0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 499
date: Thu, 18 Mar 2021 16:49:01 GMT

GET
H2 204 unip
trc.taboola.com/1288978/log/3/ 0
328 B 210ms
111ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1288978/log/3/unip?en=SpeedTestViewContent&gtmcb=2068989224
Requested by: Host: us.my-vps.ml
URL: https://us.my-vps.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 64
pragma: no-cache
date: Thu, 18 Mar 2021 16:49:02 GMT
via: 1.1 varnish
server: nginx
x-timer: S1616086142.084970,VS0,VE64
x-served-by: cache-fra19173-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 servers Show response
us.my-vps.ml/api/js/ 3 KB
781 B 301ms
301ms XHR
application/json 107.182.22.203
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.my-vps.ml/api/js/servers?engine=js&limit=10&https_functional=true

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/speedtest-main.js?v=c256aa200faab05c6c69093d49c73650

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.182.22.203 Los Angeles, United States, ASN25820 (IT7NET, CA),

Reverse DNS

107.182.22.203.16clouds.com

Software

Caddy /

Resource Hash

d9014aa0e08468c70b6f615d7b6596b1c24081f3bbf10695a7d9c3d7d806ca5d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
server: Caddy
x-frame-options: SAMEORIGIN
date: Thu, 18 Mar 2021 16:49:02 GMT
vary: Origin, Accept-Encoding, Accept-Encoding
content-type: application/json
cache-control: max-age=86400
access-control-allow-credentials: true
x-envoy-upstream-service-time: 78
strict-transport-security: max-age=63072000
content-length: 536
x-xss-protection: 1; mode=block
expires: Fri, 19 Mar 2021 16:49:02 GMT

GET
H2 200 en.js Show response
cdn.ziffstatic.com/sitenotice/660/translations/ 263 KB
10 KB 48ms
48ms Script
application/javascript 184.86.103.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/sitenotice/660/translations/en.js
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 301e6923c1e099c35ef751cfecd7ac5d0e2d96787fcef47125d2cd87fdc8585d

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6lOPmuNGiwvBF42iCOjdbw0ptvAsPTfW
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 16:08:50 GMT
x-amz-request-id: TXVQZ5X582B7VXJJ
etag: "a2fd11be0798ed559b961ca02ce5b3ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Thu, 18 Mar 2021 16:49:02 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 9559
x-amz-id-2: knkbzS9JGVurS3XkRzIL8uulwPbRpg7HuRI1yoby8KmT6gnM5DlntsU4BZoroxzv+XRMCl55scY=
expires: Fri, 19 Mar 2021 16:49:02 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
369 B 231ms
96ms XHR
application/json 104.85.251.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=184382&v=7.2&r=%7B%22id%22%3A%2212072fa81b50b2%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222751fd50acc9ef%22%2C%22ext%22%3A%7B%22siteID%22%3A%22184382%22%2C%22sid%22%3A%227%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223f7d13d457870c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22184386%22%2C%22sid%22%3A%2211%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224f1de3ce6212be%22%2C%22ext%22%3A%7B%22siteID%22%3A%22184384%22%2C%22sid%22%3A%229%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2255ab10eb97c184%22%2C%22ext%22%3A%7B%22siteID%22%3A%22184385%22%2C%22sid%22%3A%2210%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2269efb606b280f2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22184383%22%2C%22sid%22%3A%228%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fus.my-vps.ml%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221YNY%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.251.43 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-43.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7cf04ae8518545366545a936bdfa8b7fb26d6ff81c46e93af6fcab60c17e1798

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:02 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[PL], RC:[], CN:[EU], CIP:[194.99.105.99], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://us.my-vps.ml
x-cs-client-geo: 09
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 09
expires: Thu, 18 Mar 2021 16:49:02 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 576 B
1003 B 156ms
52ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

040176e0235488585ac9d14c7c33276b6eaf30e7f9ada751efa412fa47d36e44

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 18 Mar 2021 16:49:02 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.132:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a8734e30-af0b-488b-96df-6ef4dbc09883
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://us.my-vps.ml
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 323 B
530 B 356ms
220ms XHR
application/json 104.107.160.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUYEJ1S6
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.107.160.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-160-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b654867cfd3e2947e60767d43391e95f2cf27a1658e5326252671872ac48c9a0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:02 GMT
server: nginx
content-type: application/json;charset=ISO-8859-1
access-control-allow-origin: https://us.my-vps.ml
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 323
expires: Thu, 18 Mar 2021 16:49:02 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 3 KB
2 KB 276ms
142ms XHR
application/json 52.17.141.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=8416
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.141.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-141-216.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2374e5f7df11c2c984c1e35795d1ed678f60b099f4cce5b5450484826f9478cc

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Mar 2021 16:49:02 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://us.my-vps.ml
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
707 B 188ms
86ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 16:49:02 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.46:80
AN-X-Request-Uuid: 7ded0eb5-cb3d-49c1-b7c3-43c330268a36
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://us.my-vps.ml
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 188ms
81ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://us.my-vps.ml
date: Thu, 18 Mar 2021 16:49:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
ookla-d.openx.net/w/1.0/ 74 B
226 B 77ms
69ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ookla-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fus.my-vps.ml%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d281bdc5-6d2c-49a7-9df0-77c84e90ba8d%2C3529c267-b55f-4ddb-9933-a34817c53c3c%2Cf682146d-2ea1-4556-aeb5-00c735dd2d11%2C436b043e-375c-446a-a00a-a41e1e1fbbe2%2C612e19d5-721f-417f-b5c3-d9502c386683&nocache=1616086142033&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1YNY&aus=728x90%7C160x600%7C300x250%7C300x250%7C728x90&divIds=%252F6692%252Fspeedtest.net%252Fstnext_leaderboard%2C%252F6692%252Fspeedtest.net%252Fstnext_skyscraper%2C%252F6692%252Fspeedtest.net%252Fstnext_top_rectangle%2C%252F6692%252Fspeedtest.net%252Fstnext_bottom_rectangle%2C%252F6692%252Fspeedtest.net%252Fstnext_lowerboard&auid=538306129%2C538306131%2C538306127%2C538306123%2C538306126
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: f9ca3e841c0251e019f321d3c625fb2c3e1907ee085146f88424215f48027266

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:02 GMT
content-encoding: gzip
server: OXGW/16.203.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://us.my-vps.ml
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 80
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
472 B 339ms
220ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969009017373bfc8dcc112d91b00af&pos=stnext_leaderboard_728x90&cmd=bid&secure=1&gdpr=1&euconsent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 73d81a855d493cc82256d7146635d1672d04e105eff9ea2c33193abdbd1e2e1b

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 18 Mar 2021 16:49:02 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://us.my-vps.ml
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
472 B 403ms
285ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969009017373bfc8dcc112d91b00af&pos=stnext_skyscraper_160x600&cmd=bid&secure=1&gdpr=1&euconsent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 6f727fa820b7927b5f3dc20327f7940f16c7d9a2ce75fe841b3ec1cf43d71623

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 18 Mar 2021 16:49:02 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://us.my-vps.ml
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
472 B 255ms
136ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969009017373bfc8dcc112d91b00af&pos=stnext_top_rectangle_300x250&cmd=bid&secure=1&gdpr=1&euconsent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: f4127b23515a02e151673a10ad6c04af1fbe199d4b79a4492b04c1cf5dd536b7

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 18 Mar 2021 16:49:02 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://us.my-vps.ml
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
472 B 334ms
215ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969009017373bfc8dcc112d91b00af&pos=stnext_bottom_rectangle_300x250&cmd=bid&secure=1&gdpr=1&euconsent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 20befa16cf8d46f47eb1fb02c2a4cd244914e18338e139895c42bcfb8e444233

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 18 Mar 2021 16:49:02 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://us.my-vps.ml
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
472 B 287ms
160ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969009017373bfc8dcc112d91b00af&pos=stnext_lowerboard_728x90&cmd=bid&secure=1&gdpr=1&euconsent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 02f620f40dd428b49581375041d161ae29cc2bd9ba66b78d8092e54969ef75d6

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 18 Mar 2021 16:49:02 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://us.my-vps.ml
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 238 B
714 B 254ms
71ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373684&size_id=2&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&rf=https%3A%2F%2Fus.my-vps.ml%2F&tk_flint=pbjs_lite_v4.13.0&x_source.tid=d281bdc5-6d2c-49a7-9df0-77c84e90ba8d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.56711311097814
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3793ff27af81a0646b0eef478fdfeee605a57e04958ce3a8bcd2a584440756a2

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 16:49:02 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://us.my-vps.ml
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 238 B
714 B 247ms
64ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373684&size_id=9&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&rf=https%3A%2F%2Fus.my-vps.ml%2F&tk_flint=pbjs_lite_v4.13.0&x_source.tid=3529c267-b55f-4ddb-9933-a34817c53c3c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3073157204136754
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a563c981090c6d3d324ea4c723505cd226e439f732e71431db560dc3e6fcdf2b

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 16:49:02 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://us.my-vps.ml
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
715 B 265ms
71ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373684&size_id=15&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&rf=https%3A%2F%2Fus.my-vps.ml%2F&tk_flint=pbjs_lite_v4.13.0&x_source.tid=f682146d-2ea1-4556-aeb5-00c735dd2d11&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6106449681414592
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 303f5a82f06defddccd2fa229a7cc6d69c348ebd5b6bf78815704746af0dc13a

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 16:49:02 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://us.my-vps.ml
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
715 B 268ms
73ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373682&size_id=15&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&rf=https%3A%2F%2Fus.my-vps.ml%2F&tk_flint=pbjs_lite_v4.13.0&x_source.tid=436b043e-375c-446a-a00a-a41e1e1fbbe2&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1815845950099948
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e2637a1f7405dcdec0ef084c945d849b8562c8aa4bb8a798363a393f012f526a

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 16:49:02 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://us.my-vps.ml
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 238 B
714 B 271ms
74ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373682&size_id=2&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&rf=https%3A%2F%2Fus.my-vps.ml%2F&tk_flint=pbjs_lite_v4.13.0&x_source.tid=612e19d5-721f-417f-b5c3-d9502c386683&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.77112799476814
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: dc53af0a954c8356415ab06a057402a1e6525d0922c96477b80d1e58eadb599e

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 16:49:02 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://us.my-vps.ml
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
369 B 162ms
162ms XHR
text/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3336&u=https%3A%2F%2Fus.my-vps.ml%2F&pid=1369ciQm8Ze3e&cb=0&ws=1600x1200&v=7.60.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_leaderboard%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_skyscraper%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_top_rectangle%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_bottom_rectangle%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_lowerboard%22%7D%5D&cfgv=0&gdpre=1&gdprc=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:02 GMT
via: 1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://us.my-vps.ml
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: P2s4Wrv54gDpknhJQUbNpDjWh9Qj_QIOvAaoU8fxT9vtg3RwbBxk6w==

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 92 KB
35 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MPW4L3J&t=gtm6&cid=403436395.1616086142

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

866b18b888426b62b494797777dc3ccf3b285d12c567d20f99d362cc57cc593d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:02 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36090
x-xss-protection: 0
expires: Thu, 18 Mar 2021 16:49:02 GMT

GET
H2 200 info Show response
gurgle.zdbb.net/ 181 B
394 B 422ms
144ms XHR
application/json 3.227.115.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gurgle.zdbb.net/info?url=https%3A%2F%2Fus.my-vps.ml%2F&fp=0
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.115.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-115-231.compute-1.amazonaws.com
Software: /
Resource Hash: c84df3da6134b827fdad0b268eb63bc0160fecc24be62ad5468204f6d0004573

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://us.my-vps.ml
date: Thu, 18 Mar 2021 16:49:02 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 181
access-control-allow-methods: GET, OPTIONS
content-type: application/json

POST
H2 204 collect
analytics.google.com/g/ 0
349 B 34ms
13ms Other
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KKLSRK6J1Z&gtm=2oe3a0&_p=1099294531&sr=1600x1200&_gaz=1&ul=en-us&cid=403436395.1616086142&_s=1&dl=https%3A%2F%2Fus.my-vps.ml%2F&dt=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&sid=1616086141&sct=1&seg=0&en=page_view&_fv=2&_ss=2&ep.gtm_container=GTM-K7SNBZ&ep.gtm_version=239&ep.mobile_web_test=false&ep.hostname=https%3A%2F%2Fus.my-vps.ml&ep.adblock_status=False&ep.zdConsent_geoCC=pl&ep.zdConsent_gdprApplies=true&ep.zdConsent_consentGiven=false&ep.vpnUseDetected=false&up.user_type=anonymous&up.adFree=false&up.gaOptInStatus=false&up.googAdsOptInStatus=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.my-vps.ml
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
72 B 34ms
34ms Other
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KKLSRK6J1Z&cid=403436395.1616086142&gtm=2oe3a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.my-vps.ml
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KKLSRK6J1Z&cid=403436395.1616086142&gtm=2oe3a0&aip=1&z=643242527

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=1099294531&t=pageview&_s=1&dl=https%3A%2F%2Fus.my-vps.ml%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQ~&cid=403436395.1616086142&tid=UA-389482-3&_gid=2016416427.1616086142&gtm=2wg3a0K7SNBZ&cd2=anonymous&cd3=anonymous&cd4=anonymous&cd15=False&cd16=239&cd17=GTM-K7SNBZ&cd22=https%3A%2F%2Fus.my-vps.ml&cd23=ST4&cd41=0&cd42=0&cd43=pl&cd44=1&cd45=0&cd46=0&cd49=0&cd52=0&cd53=0&cd54=12&cd57=0&cd59=0&cd47=true&cd40=403436395.1616086142&cd51=pageview&z=1502158869&cd48=592

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Mar 2021 20:46:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72127
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/6036316/ 0
400 B 56ms
55ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/6036316/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:49:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Sun, 21 Mar 2021 16:49:02 GMT

GET
H2 200 EBd3N5GSEeWA3CIAC7Ppng
zdbb.net/l/ 43 B
108 B 213ms
72ms Image
image/gif 54.171.45.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdbb.net/l/EBd3N5GSEeWA3CIAC7Ppng?bidder=nobid&provider=prebid&site=speedtest.net&cpm=0.07&bsid=e5a0d8c8-82b5-476d-b6b6-a673bceaacc9&bid=0.07&adid=55bc51d40a0ca82&adunit=/6692/speedtest.net/stnext_bottom_rectangle&size=300x250&ttr=314&status=Bid%20available
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.45.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:02 GMT
content-length: 43
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=us.my-vps.ml

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 16:49:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=us.my-vps.ml

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 16:49:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 204 KB
30 KB 663ms
663ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=671856122266175&correlator=899058202702023&output=ldjh&impl=fifs&eid=31060473%2C31060487%2C31060010%2C31060367%2C31060420%2C44739387&vrg=2021031601&ptt=17&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&npa=1&sc=1&sfv=1-0-37&ecs=20210318&iu_parts=6692%2Cspeedtest.net%2Cstnext_leaderboard%2Cstnext_skyscraper%2Cstnext_top_rectangle%2Cstnext_bottom_rectangle%2Cstnext_lowerboard%2Cstnext_left_300x600%2Cstnext_right_300x600&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8&prev_iu_szs=728x90%2C160x600%2C300x250%2C300x250%2C728x90%2C160x600%7C300x250%7C300x600%2C160x600%7C300x250%7C300x600&fsbs=1%2C1%2C1%2C1%2C1%2C1%2C1&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_pb_nobid%3D0.07%26hb_adid_nobid%3D55bc51d40a0ca82%26hb_bidder_nobid%3Dnobid%26hb_cpm%3D0.07%26hb_pb%3D0.07%26hb_adid%3D55bc51d40a0ca82%26hb_bidder%3Dnobid%7Camznbid%3D2%26amznp%3D2%7C%7C&eri=1&cust_params=gdpr%3D0%26country%3DUS%26testStage%3Dnew%26isp_id%3D122742%26hostname%3Dhttps%253A%252F%252Fus.my-vps.ml%26bucket_test%3D12%26pageviewid%3Dc98bc6ba-c0a4-4684-a3a6-d20becda81d1&cookie_enabled=1&bc=31&abxe=1&lmt=1616086142&dt=1616086142481&dlt=1616086140239&idt=1757&frm=20&biw=1600&bih=1200&oid=3&adxs=366%2C190%2C1110%2C1110%2C366%2C50%2C1110&adys=76%2C76%2C76%2C346%2C696%2C76%2C76&adks=2675502559%2C490556826%2C2311931128%2C1178321438%2C437806214%2C2923028898%2C3017529935&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fus.my-vps.ml%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90%7C160x600%7C300x250%7C300x250%7C728x90%7C300x600%7C300x600&msz=728x90%7C160x600%7C300x250%7C300x250%7C728x90%7C300x600%7C300x600&ga_vid=403436395.1616086142&ga_sid=1616086142&ga_hid=1099294531&ga_fc=false&ga_cid=2016416427.1616086142&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=728%2C160%2C300%2C300%2C728%2C300%2C300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

c8b49f824eb1ee1e5551f731ab53e7390c211cb9d1fbcee7c59b4b95f970f891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30038
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,5394554337,-1,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,138313975824,-1,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://us.my-vps.ml
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
83885d4b91803ffdce5e27b1aab8ad97.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 70ms
13ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://83885d4b91803ffdce5e27b1aab8ad97.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 27ms
7ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 check Show response
jogger.zdbb.net/ 5 B
232 B 417ms
136ms XHR
text/plain 54.227.217.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jogger.zdbb.net/check?href=https%3A%2F%2Fus.my-vps.ml%2F
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.217.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:02 GMT
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=574549
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 5

GET
H2 200 zd-core-olt.min.js Show response
cdn.static.zdbb.net/js/ 844 B
777 B 66ms
66ms Script
application/javascript 88.221.221.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.221.73 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-221-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: SB5Zb.JQr3Vk6VrKr9DnOzFSowr6zF3N
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 14:57:59 GMT
x-amz-request-id: E893EF490396FD49
date: Thu, 18 Mar 2021 16:49:02 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 464
x-amz-id-2: 0UxABhqnmrLylLQuAeCrb3tspj12bNB1LXmGysNvpG/fz0on0ASUW5c/LnnDpb+SjHTpjMFaPGY=
expires: Thu, 25 Mar 2021 16:49:02 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 185ms
80ms Script
application/javascript 172.227.98.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.227.98.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a172-227-98-16.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

aae36e0135bd89b347e31e575989c25a954a96c797c678610aeaa080694ba8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 01 Feb 2021 19:39:43 GMT
Server: nginx/1.15.8
ETag: W/"601858ff-cae3"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Thu, 18 Mar 2021 16:49:02 GMT
Connection: keep-alive
Content-Length: 16039
Expires: Thu, 25 Mar 2021 16:49:02 GMT

GET
H2 200 krux-coretag.js Show response
cdn.static.zdbb.net/js/ 335 B
565 B 66ms
66ms Script
application/javascript 88.221.221.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.221.73 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-221-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: o2JEkGunhRs73Op0GuV2hc5ayS5Hg8U0
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 14:58:00 GMT
x-amz-request-id: 4729E75358369279
date: Thu, 18 Mar 2021 16:49:02 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 255
x-amz-id-2: i1vdPaeMm85lnMjXtgF9KmwjEte1dTt6b2dnX6LlwQQTOD2FZYXXGOZx3eF5tcZ9cW4LHtgxlWk=
expires: Fri, 19 Mar 2021 16:49:02 GMT

GET
H2 200 z0WVjCBSEeGLoxIxOQVEwQ
zdbb.net/l/ 43 B
109 B 153ms
71ms Image
image/gif 54.171.45.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdbb.net/l/z0WVjCBSEeGLoxIxOQVEwQ?additionalInformation=&cms_page_id=&local_uid=&referrer=&zd_pageview_id=c98bc6ba-c0a4-4684-a3a6-d20becda81d1&zd_location=https%3A%2F%2Fus.my-vps.ml%2F&evidon_consent=undefined&third_party_consent=&fu=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.45.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:02 GMT
content-length: 43
content-type: image/gif

GET
H2 200 spgdj7g8u.js Show response
cdn.krxd.net/controltag/ 2 B
394 B 151ms
51ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/spgdj7g8u.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Thu, 18 Mar 2021 16:49:02 GMT
via: 1.1 varnish, 1.1 varnish
age: 166
x-cache: MISS, HIT, HIT
x-app-cache: MISS
x-age: 0
content-encoding: gzip
content-length: 22
x-served-by: config-service-a006-ash-prod.krxd.net, cache-bwi5130-BWI, cache-fra19151-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1616086143.717886,VS0,VE0
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 3, 22

GET
H/1.1 200
OK 30629 Show response
stags.bluekai.com/site/ Frame 0D70 71 B
338 B 323ms
213ms Document
text/html 104.108.41.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Dus.my-vps.ml&phint=referer%3Dhttps%3A%2F%2Fus.my-vps.ml%2F&phint=bbseg%3D900002&phint=__bk_t%3DSpeedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&phint=__bk_k%3Dookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeed%20test%2Cbandwidth%20speed%20test%2Cinternet%20speed%20test%2Cbroadband%20speed%20test%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cip%20address%2Ctcp&phint=__bk_l%3Dhttps%3A%2F%2Fus.my-vps.ml%2F&phint=__bk_v%3D3.1.9&limit=10&r=77977208
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.41.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-41-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://us.my-vps.ml/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://us.my-vps.ml/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: c45e
Date: Thu, 18 Mar 2021 16:49:03 GMT
Connection: keep-alive
X-N: S

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
219 B 212ms
57ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159017/2865/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Mar 2021 16:49:03 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://us.my-vps.ml
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame 7531 185 KB
53 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 7531 12 KB
5 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 7531 87 KB
27 KB 48ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 7531 3 KB
1 KB 51ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 7531 40 KB
13 KB 45ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
DATA 200
OK truncated
/ Frame 7531 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a72e2103d17c4d2bdb42641bd4ef0bc1d229b5358264c2b4f6c7a4e67b220d60

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 17831398392406251729
tpc.googlesyndication.com/simgad/ Frame 7531 7 KB
8 KB 37ms
22ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17831398392406251729?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkSSIEH9cpTENm7_IKRNzOFtXeG5Q

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa7c23d0a953bd724102aae3c34ed81aaedd5f83ca765c059e45fdf8a624ec34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 23:06:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 09:42:26 GMT
server: sffe
age: 150177
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7679
x-xss-protection: 0
expires: Wed, 16 Mar 2022 23:06:06 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7531 2 KB
3 KB 38ms
22ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 20:46:55 GMT
x-content-type-options: nosniff
server: cafe
age: 72128
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 18 Mar 2021 20:46:55 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7531 295 B
748 B 35ms
20ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 66718
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 18 Mar 2021 22:17:05 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7531 0
0 86ms
85ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Crhw-foRTYKKaI-jU7_UPkcKFsAjK7I_yYZy7zoKCDfiFs9HxAhABIM675B9g6eTJhdgaoAHB7pP1A8gBAqkCCVBCYCRQkT7gAgCoAwHIAwiqBMYBT9DLEyzVDDfHTj4XY4YvAQDctNlIS1r_mmzAC2fTfloO8gaPEznIZbW4XopklhnvI6ZFcizHFifzhwgVZZjHXrA6ji66JppUdu5mFchoWOhaJpydmcelq8DCbzVmt0ld02QgNFBGXt3vOQMCelGFaaxWfuagY3UR3p5qKKZnaUJkSiuhYeO6qqQMr2gs34tEN0zJ93mzxtMzUdAlhikKKi7v9BAaNnwf2KvIJDhU5rcGQJTyREhpk1S1jtVCr65vHgI1xn7SwASdiciauQPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHuezTMagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBC7rgTSCAkIkOGAcBABGB2ACgPICwHYEw2yFxoKGAgAEhRwdWItMzEyMTU2MzQ0NTE4MjE0NQ&sigh=LQZK5AbDgp8&tpd=AGWhJms6euWLM5SbSLPOiQEOYH1lRfN3EmXNYkPSmGdV2bxbqA
Requested by: Host: us.my-vps.ml
URL: https://us.my-vps.ml/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame 6FF0 185 KB
53 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 6FF0 12 KB
5 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 6FF0 87 KB
27 KB 35ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 6FF0 3 KB
1 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 6FF0 40 KB
13 KB 44ms
32ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6FF0 2 KB
2 KB 8ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 20:46:55 GMT
x-content-type-options: nosniff
server: cafe
age: 72128
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 18 Mar 2021 20:46:55 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6FF0 295 B
320 B 9ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 66718
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 18 Mar 2021 22:17:05 GMT

GET
DATA 200
OK truncated
/ Frame 6FF0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a727b48edffbc1ef902477b4b41eeec35462fa47464d6b7d008e4357cc25b17

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame 395C 185 KB
53 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 395C 12 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 395C 87 KB
27 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 395C 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 395C 40 KB
13 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 395C 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 20:46:55 GMT
x-content-type-options: nosniff
server: cafe
age: 72128
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 18 Mar 2021 20:46:55 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 395C 295 B
320 B 7ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 66718
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 18 Mar 2021 22:17:05 GMT

GET
DATA 200
OK truncated
/ Frame 395C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5041288a3722a78831afd1d16008115f9383c91d744f98617dad527688e5812e

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7168 0
0 89ms
85ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst46tx-sIP7WvG8dIVk8J5hcXkDmUKu9NVus77AbKUbFzhu0lSF3G7OQ017pF7uJCu3EXqXbHCHDCO8EFPGGDBsT4aJVcpjrFAjs7pBYOd4ItP4a5beW1pS9Jq-yZz7xZ3US51hw43Eit97djwAqpxb4Q0RlNIp5X1H9m_4d0FCPEniY-GGYgExt74lU6aJj9T37v4QpivfIsz1bq3cwGndBKbhmXRih3Kz78D0LocQOMAydNt2H9kViloBSGAjMUhJ0fJ-GArSs8WDGsiZRHp7RxtBtXNYOwDbfe4lgFXpueHrSQNUAt1TA7o957s4xBLsQQ&sai=AMfl-YQypI1lBGurRH62Pz3EQQgsjtkU73teYViZPHT_YXk9lTZjKnVNu3BlBq9IFTz4J_MSu7TGjYrCNIZuhHKsp_w5AjarCx3NzjXYg1nmuXBDHTZbIXUetqgrOi0Q9UfH&sig=Cg0ArKJSzNYjegPI4Yp4EAE&adurl=

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 16:49:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 7168 17 KB
7 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 16:48:43 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 7168 2 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 16:48:54 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7168 117 KB
36 KB 44ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Thu, 18 Mar 2021 16:49:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7168 0
0 18ms
12ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUocy7STzMwoRT3tZR5ogU4XYU6q5LsREKzMgzEsIki77rFufqPtFweoWO9_IXwMTIEZ6f
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 6029590525098546506
tpc.googlesyndication.com/simgad/ Frame 7168 16 KB
16 KB 12ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6029590525098546506

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c56d4c4164a67dbde0d1bbe9dd5f2b20417bb5835f017bb6aed37ef7127da27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:26:52 GMT
x-content-type-options: nosniff
age: 559331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16087
x-xss-protection: 0
last-modified: Thu, 11 Jun 2020 21:20:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Mar 2022 05:26:52 GMT

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame 534A 185 KB
53 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 534A 12 KB
4 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 534A 87 KB
27 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 534A 3 KB
1 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 534A 40 KB
13 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 104347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 11:49:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 534A 4 KB
713 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 15:10:15 GMT
server: ESF
date: Thu, 18 Mar 2021 16:49:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Mar 2021 16:49:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 534A 4 KB
690 B 62ms
59ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 15:59:00 GMT
server: ESF
date: Thu, 18 Mar 2021 16:49:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Mar 2021 16:49:03 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 534A 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 20:46:55 GMT
x-content-type-options: nosniff
server: cafe
age: 72128
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 18 Mar 2021 20:46:55 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 534A 295 B
320 B 11ms
9ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 66718
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 18 Mar 2021 22:17:05 GMT

GET
DATA 200
OK truncated
/ Frame 534A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fb4cbe1eed45007d07b4a51a3612a7ccfd49cb1a6be6b0ee3eaa33ce4745d0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 7300629646568743426
tpc.googlesyndication.com/simgad/ Frame 6FF0 32 KB
32 KB 11ms
9ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7300629646568743426?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnXTblN994rJTUO-OLtExLdQcUO-g

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c99999dd431afb290cf1504b8ccaf2eb2992fdc59f6bc04e84290772e884743c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:17:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 02:52:10 GMT
server: sffe
age: 480671
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32300
x-xss-protection: 0
expires: Sun, 13 Mar 2022 03:17:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6FF0 0
0 17ms
12ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQO52dhX9gaywfokRgP4odnHALw8Xe7Rzs5jRVFjGClUWVIZ-fAG3uofQnLQGDFnuiBZ6Nc
Requested by: Host: us.my-vps.ml
URL: https://us.my-vps.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6FF0 0
0 87ms
85ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnjWgfoRTYKOaI-jU7_UPkcKFsAji8cjtYZivxtm9DdrZHhABIM675B9g6eTJhdgaoAHWioLpAsgBAuACAKgDAcgDCKoExwFP0Fi8IZJI74W0ugk5ACB_FjwnHcZTuZcOLl2SZ-Cd3EnUAiBEMoGtfFhimlkTcnLaXtBeux8if0UC1V-oCaLKIxm1f9WHZAtAr3-q7KBJXGuhST7YPmKD3knNk5cKSNXU8B_Quo-HBaCNqZXmnPtwi7MKzbMvzn8MBS1pn621HawIKOP41kmvjZLpLTLfMfAffs2864WiyjbDSk7eg9Y7C6x9dxYomhw1dLbKrtK0q75-oLe0mybYUcMnap0HzjgdgmwUln4awATfqvrxxAPgBAGSBQQIBBgBkgUECAUYBKAGAoAHkvX9lgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQhcYH0ggJCJDhgHAQARgdgAoDyAsB2BMNshcaChgIABIUcHViLTMxMjE1NjM0NDUxODIxNDU&sigh=9VZtyYKb2j0&tpd=AGWhJmu2F0b_opsBmn18iPkdwAhp8jyNxs9xzNiaKHX9hoQ8Aw
Requested by: Host: us.my-vps.ml
URL: https://us.my-vps.ml/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 7624637446819117521
tpc.googlesyndication.com/daca_images/simgad/ Frame 395C 42 KB
42 KB 14ms
12ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7624637446819117521

Requested by

Host: us.my-vps.ml
URL: https://us.my-vps.ml/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bb07c492e9f8bb7b9ef11bc24bc9c8c3c8b1e559b370851834242fe649b7808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 18:56:07 GMT
x-content-type-options: nosniff
age: 597176
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43403
x-xss-protection: 0
last-modified: Sat, 13 Feb 2021 15:42:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Mar 2022 18:56:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 395C 0
0 16ms
12ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbRO9aMjWpX7Z_U0EUcLy3AY94Bsv4tMWSskfZnwQDY_1NsiSvh7jSw2or1zKBhDNPvVV0
Requested by: Host: us.my-vps.ml
URL: https://us.my-vps.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 395C 0
0 88ms
85ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3QrDfoRTYKSaI-jU7_UPkcKFsAiNtOrWYbj1s8DYDbyZhOibDhABIM675B9g6eTJhdgaoAHCtNTAA8gBAuACAKgDAcgDCKoEywFP0LnWt7mPO3Bj4zfTJSncsAkvrpR64O2XPNiLQe3iU4bE61rBcrVxryQgP_EW5DQl9sIgHcSooX-5jvoK1eIevl5RBO22_b-Oa-zUwqIaNfy_w6AlwRxtszcvrT2ZFocO6ptI7Z56WCCmhIaz49QCCC3fkqGKlh6EH6Pdr1elGpgf9Du3JuvR8vJwo-DhBLYQHmdAZPAXJnb_DUx15PdnzlUu1aNUxRsPe1sEmqOU5Pr_x33S0-aWweIYauN9xb0UdbMihwzYwJwGQsAEiJW7sMQD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB6bLqz-oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQktQF0ggJCJDhgHAQARgdgAoDyAsB2BMMmBYBshcaChgIABIUcHViLTMxMjE1NjM0NDUxODIxNDU&sigh=_r3WCoTB42s&tpd=AGWhJmtGh2xafKt7QZGflGl0-Z9LgtYF04pvwb4keEUZp74m3A
Requested by: Host: us.my-vps.ml
URL: https://us.my-vps.ml/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 534A 0
0 86ms
84ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5bt6foRTYKaaI-jU7_UPkcKFsAi1m9_zYcfZ9oLnDNeq5pKPDhABIM675B9g6eTJhdgaoAGKpKzdAsgBBqkCpdKgUCZJgT7gAgCoAwHIAwqqBMsBT9CHlpK7SwncQQBaRZr8e9MwcxaZYhvZC5I6ishCyMYjomZOdNLUXBR79Sw8x0HDrq8Rz2XLkOM2AUtfxvp0pu8QezUy3jr_IktNTLLM-hCEjktJbR3kbqX2AxtMxTFo_NBpW64CsA_P3zoe8xbphGGZYAYJdCs2v3L5qDseKaSC39kumi9IeTPzMPKefP782Vra6UKRLj0OeEHHFampJxOwrys0gfmGocO-nlR-znSdywNBMswo1H1nPvQI6GogpuYW1qkQJC2tBIjABMjF1d2wA-AEAZIFBAgEGAGSBQQIBRgEoAY3gAfe29OiAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDXqgTSCAkIkOGAcBABGB2ACgPICwHYEwyIFAeyFxoKGAgAEhRwdWItMzEyMTU2MzQ0NTE4MjE0NQ&sigh=Up4tfzjz8Ss&template_id=492&tpd=AGWhJmtPTv9rR4Q-tVMLvrvF9xqtLmsQX26Cr5KMnmDiguOzhw
Requested by: Host: us.my-vps.ml
URL: https://us.my-vps.ml/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ Frame 534A 0
0 17ms
11ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxBWATn1k-F62WpMoDFgeauQPzc6rPl2FwzotlIJsAQGOl9BFPX8a-NBVhDSiNEPg2SFr0
Requested by: Host: us.my-vps.ml
URL: https://us.my-vps.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Thu, 18 Mar 2021 16:49:03 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
24ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8226cef6f6e575740ccabe30fe0aaf7f50739f3f48b8baf05d365487546befa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 16:49:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 534A 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://us.my-vps.ml
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 253284
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:27:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 534A 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://us.my-vps.ml
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 251836
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:51:47 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 18 Mar 2021 16:49:03 GMT

GET
DATA 200
OK truncated
/ Frame 7168 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d89efdf8981f80b996f57d327f748367a5652a50b2137822d893a32860c700b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7531
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

57ms
54ms

Image
text/html

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 18 Mar 2021 16:49:03 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6FF0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

54ms
54ms

Image
text/html

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: us.my-vps.ml
URL: https://us.my-vps.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 18 Mar 2021 16:49:03 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 395C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

53ms
53ms

Image
text/html

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: us.my-vps.ml
URL: https://us.my-vps.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 18 Mar 2021 16:49:03 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 17831398392406251729
tpc.googlesyndication.com/simgad/ Frame 7531 7 KB
8 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17831398392406251729?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkSSIEH9cpTENm7_IKRNzOFtXeG5Q

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa7c23d0a953bd724102aae3c34ed81aaedd5f83ca765c059e45fdf8a624ec34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 23:06:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 09:42:26 GMT
server: sffe
age: 150177
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7679
x-xss-protection: 0
expires: Wed, 16 Mar 2022 23:06:06 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7531 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 20:46:55 GMT
x-content-type-options: nosniff
server: cafe
age: 72128
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 18 Mar 2021 20:46:55 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7531 295 B
321 B 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 66718
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 18 Mar 2021 22:17:05 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6FF0 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 20:46:55 GMT
x-content-type-options: nosniff
server: cafe
age: 72128
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 18 Mar 2021 20:46:55 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6FF0 295 B
321 B 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 66718
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 18 Mar 2021 22:17:05 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 395C 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 20:46:55 GMT
x-content-type-options: nosniff
server: cafe
age: 72128
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 18 Mar 2021 20:46:55 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 395C 295 B
321 B 8ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Mar 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 66718
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 18 Mar 2021 22:17:05 GMT

GET
H2 200 check_c Show response
zdbb.net/ 0
229 B 66ms
66ms XHR
text/plain 54.171.45.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zdbb.net/check_c
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.45.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Ziff Davis BuyerBase /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:03 GMT
server: Ziff Davis BuyerBase
p3p: CP="ALL DSP COR NID"
access-control-allow-origin: https://us.my-vps.ml
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
content-length: 0
expires: 0

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 534A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

82ms
81ms

Image
text/html

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: us.my-vps.ml
URL: https://us.my-vps.ml/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 18 Mar 2021 16:49:03 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7168 0
0 159ms
102ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssveF4llSRO39c2-2fuqbS0zj9HGD7_kcW58Aby9JHLMKlstqIT4z84KJxbpFajyhDaRKfwYbeLplAut5KSD6Lfxk4x6QtdgSVcGvmUI-749mr3VQG6mwiOKCtQ7qgIELpa-Sv46EY5DY7xd_MyXnWE9ZOMWi_zEv82xyQ9ZpHxokugTRxzyespr_lVIhXvT_nGPGDouNeVx1b42MDJp7aquQT7IxjZaT4Lw7jphNwNppS37WjfFASYRo3IekHwVSSfeU5tu0t7EbJ_imB7scPs7iYnB4XJ1uFw04O6DRFp3jdCa1DDyH_fbhP_G1mP_ZbPeqWb&sai=AMfl-YSBBu567IOpNDh2VoLAbjlMzzci-FsGCZJ5kO9aHTxPIb7uRoFBH3MFGD0y3RVLxoPP_ByWI_sRQOST3Tnp8HPva5rlnrNscbmRm9OSuJSz1uy46JgSLL1swzwUYKSJ&sig=Cg0ArKJSzP4X6f-809NvEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 16:49:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 18 Mar 2021 16:49:03 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3A94 12 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://us.my-vps.ml/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://us.my-vps.ml/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 18 Mar 2021 15:12:08 GMT
expires: Fri, 18 Mar 2022 15:12:08 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5815
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A94 14 KB
6 KB 37ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 09:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 26114
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5697
x-xss-protection: 0
expires: Fri, 18 Mar 2022 09:33:49 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 44ms
41ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031601&jk=671856122266175&bg=!EBOlE1fNAAbUo7L91KM7ACkAdvg8WuhPZcgELnpKsBG8_kiTjnQiaSd39x7M86UR0IxPv8MHYtoKhgIAAACIUgAAABBoAQcKAQw5TYAZrz6qd5BMhjsCmFkT3en-tdWhA0s44FyaBUrrrkAjYz5cK3roNdGJzCcvfGLKXToxjZXHTbO8Udy80yyYuJFwzKHLd5bKaYSOuT6EuXysmJoo-deD-_LScDtOFShXo6F5MS6hxfZF8fI8ai4KKbH1mV194oc0eB3-ox-zVQs7SZSyoq_vaXblBGNypGZMPMAyoYjXq44K-Srq_QEkb7gpH7PFrL4ATBfgGpcLFWMTVkHtAOIInvqRbtY0NhlNwEd-dMeHiAId-ElDuygGlYXzRvapikA3iQOXMZc0BRBkMp4Ei0M_WHChQ2lE9WtUiq0Z6Jhcn94xerxXuE6TtPd2vNVX1_NCZVsLmQHWjnRy000JiG2UAF01q9g1GC61A3mdx_FpuaZ1fqb2UPAFEZMru2-vhWhrHlQilLwki8sV0OzccpMFL6d-675CfilBSnj3u12EhSW8T5acR_4YEXEFQwGjQDRcbsm_v1dCpd_g9MF_MAIiYgvV8Q7Uw13xOIwIJvB8JfByz4mY1LWgn17E1Vv15B87xuDNhxgQHHStwlGnKtkZU8LjTLbJn836TsDPoM2b6YQodmkcfOPbDJdd96DQJVNiOVwsDUYF8k8WwjL0RCLdMcRtceQjVy1YogQaApy56iuzZNpJs_oxxOeRSnLLF22oDN9-A7fRAkOH0BLVUO-h7tWieUvWv6FOFaQ_V2odkCxtRPqfY-0jwt_FpomQsvLC2QraPIYtj7ea34QUnNNj135BcdFekx7vrNtYxZbfNfBN6r7avjH-d-Z3ImcP0I5w-POsandYmzgfsqdX2ZZ7Oia-q2bTA_txB3MRFTXHpXspLTwU66aASlrFtUfYgivr9WqbLHlZa1Avoy5R_MbJhMlNf9_iDxP5cZD3zpAyH8TdG9Xsmnij3z-c5bC4AJVdvxE1VUHhyCsVX6HQ1lRb0kF-AYY8nCl2s-355TLC3vevvJjrzcvc987dF8c

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7168 42 B
479 B 66ms
53ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0ZZaR95ZZz9mHz-dUBuIimf_5nm0YA7IEo8K6j4JXIufiLjYT1P-Nww2XpgOEPcUU3vvphpFHBqWPGFy3fJcoFRrOeCzSvmW27uPinK8&sig=Cg0ArKJSzA3HFDvFbY8LEAE&id=osdim&mcvt=1000&p=346,1110,596,1410&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210317&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1178321438&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616086143307&dlt=0&rpt=360&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7531 42 B
71 B 45ms
45ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRE004E6ZZDucDhSr_77UXWwK7uiYqeevl9JZsdPIzbuE3Zl6cJpf5zFGiqBIMAqYv84HO_EgLxVK6FcZgMAXLac8RViZzDSxwIDO5RFm12jCZy7n1a_v63fdtN19Q8gerwKtnPExVCeof4scCYRHF&sai=AMfl-YQtdQ_6MrqV7Ml4uV6W5a_3e9A_43UxlRcGUd2_e8mOE0Vkqh9kTNmXjsooLM91tZAqD_KNJPL0BJa9F3-u_YzBKWghujrhOC_qXcLjMCE086tZlk7oltUAEmeXr_dQ&sig=Cg0ArKJSzPOKkt87gP_IEAE&cid=CAASPeRopwD4LTxQ5JwCiEUfkd-oWYfpOCWM0Yr21Vei1X_op6uskjgmOyZhE6FtsJhdM44VId6dKBS3Y8VKLMg&id=ampim&o=366,76&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=388&tls=1388&g=99.98263716697693&h=99.98263716697693&tt=1388&r=v&avms=ampa&adk=2675502559

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6FF0 42 B
66 B 50ms
50ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIPxYeZPnkTcjeWFLnXJeR5BBol3bf719KUXIGI7eJxyUnVgnQpldbsx72eTqKW9rfB9lSOAGByoxtEeyPqgGS9MWUvZDWb0wrgN_SXP54BkQz4fGqKBhYpzETjRDIXQKzzRE9T0nYqKROxpGhPbW_&sai=AMfl-YTDYnWowf8Z1FSabn8b_NZfpwq8-00eky4q4mGu5sW9kx3bCBRudWHMFQ49FTnmO4ktE_cmC7U___2pYRxL_oLnkGyGi2cVo5jtMgF4zRzWPfpZhIaM5puTFMMGJFTS&sig=Cg0ArKJSzFzV48fDXNmHEAE&cid=CAASPeRoGyvJIO0Dtw_AGfeNTA5qQ_I59eLenqTe-N5WIyLplVl3gPzt1BM2gda9iO2quI1Ztsj6ckI0SRU92Sg&id=ampim&o=190,76&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=367&tls=1367&g=99.99739527702332&h=99.99739527702332&tt=1367&r=v&avms=ampa&adk=490556826

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 395C 42 B
66 B 41ms
41ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUlJE50beNso8bJKsnueb7a3eQoOLJC1_xUCy0uX4igK1amMqOff6jLXuHNZk3IhGmIticocYJGiOqdp44Rm_S2GgwKjTDEcDwS89zz5_CkvHbXLuq5W7mXRG55w&sai=AMfl-YQyUisYb2AlbG5sFmvsV0PWi2O5aKmfj2g3u2bYZpld9dx02mkirTHGlfUqe2Q-6mCfpdjZYxkMaglS7FFzUI5k9H0L0V3ZjsQtTlHXa6zfa-oVGCpRO_vX7evca9UZ&sig=Cg0ArKJSzC3p0lVIk3EbEAE&cid=CAASPeRoDRNabt1XFB-r7MB_lLJSRWe0ZptziLxQ9U69pmUb_p-b95Ek2jmFNsD83aBi7DXYlVq3zZVNEYbJJ2k&id=ampim&o=1110,76&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=363&tls=1363&g=99.99374747276306&h=99.99374747276306&tt=1363&r=v&avms=ampa&adk=2311931128

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 534A 0
0 84ms
84ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTXJIfoRTYKaaI-jU7_UPkcKFsAi1m9_zYcfZ9oLnDNeq5pKPDhABIM675B9g6eTJhdgaoAGKpKzdAsgBBqkCpdKgUCZJgT7gAgCoAwGqBMsBT9CHlpK7SwncQQBaRZr8e9MwcxaZYhvZC5I6ishCyMYjomZOdNLUXBR79Sw8x0HDrq8Rz2XLkOM2AUtfxvp0pu8QezUy3jr_IktNTLLM-hCEjktJbR3kbqX2AxtMxTFo_NBpW64CsA_P3zoe8xbphGGZYAYJdCs2v3L5qDseKaSC39kumi9IeTPzMPKefP782Vra6UKRLj0OeEHHFampJxOwrys0gfmGocO-nlR-znSdywNBMswo1H1nPvQI6GogpuYW1qkQJC2tBIjABMjF1d2wA-AEAZIFBAgEGAGSBQQIBRgEoAY3gAfe29OiAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDXqgTSCAkIkOGAcBABGB2ACgPICwHYEwyIFAeyFxoKGAgAEhRwdWItMzEyMTU2MzQ0NTE4MjE0NQ&sigh=u_2Qd81gEoo&vt=1&template_id=492
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 534A 42 B
66 B 42ms
42ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjFRerHtVBqek_LNLim9w-mHLjhSmxO-VLSQtbljpOupitUVnLc_2IkDvi8o_ER6KEwKW9Kve4K9d8Gs9aSxz41U3ZqX4XGAnE5Tu2GVUvaEoKzCHUvYfMdzZDXQ&sai=AMfl-YSMjRS40sr2DwB-uy_KrO7Le0OA4YTMyXnRULnyCdRz1QYAfTTNf0ZGJna-y4XimV60fFzTxJ4qgLRbCB1BR3hP-qL346MaDE28AL0A3s_9JzIq6Yac5YkQLiRfNYCu&sig=Cg0ArKJSzCsXdBxBr7cpEAE&cid=CAASPeRomqp7xqWIZcaBHA-3GGPCxA1YAWVGduY3J_DSc0VKufB5_Np6KYGFVuAHgh4Lt23AQ-lZMB8GT7vjlBo&id=ampim&o=366,696&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=299&tls=1299&g=99.98263716697693&h=99.98263716697693&tt=1299&r=v&avms=ampa&adk=437806214

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.my-vps.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame AB17 20 KB
8 KB 317ms
315ms Document
text/html 104.107.160.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUYEJ1S6&prvid=77&purpose1=1&gdprconsent=0&usp_status=1&usp_consent=1&itype=PREBID

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.107.160.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-107-160-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a4889ea6c01f2a4bcda9f8fd9b4e8d9bb5f89e74950981fbdf81beafcc460540

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUYEJ1S6&prvid=77&purpose1=1&gdprconsent=0&usp_status=1&usp_consent=1&itype=PREBID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://us.my-vps.ml/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://us.my-vps.ml/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sun, 19 Sep 2021 16:49:05 GMT; domain=.media.net; Path=/; sameSite=none; secure=true usp_status=1; Expires=Sun, 21 Mar 2021 16:49:05 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 20 Mar 2021 16:49:05 GMT
date: Thu, 18 Mar 2021 16:49:05 GMT
content-length: 7562

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 62E1 5 KB
2 KB 27ms
9ms Document
text/html 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&usp_consent=1YNY
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afdbb17bf44b6700c1dabde3c6acf10b306029100ac6e2a5ed6dc0f5c760ca9b

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&usp_consent=1YNY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://us.my-vps.ml/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://us.my-vps.ml/

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Thu, 04 Mar 2021 17:43:15 GMT
accept-ranges: bytes
etag: "1b43387f21b78e36bbcbbe31666bb5af"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: LKOcua1dPsJsQeJRL9CI8mTA8BR+7jRkn5vkFT7EWmJ78/MtAM+SrzYJK3OTkImeGQBbqXk76QY=
x-amz-request-id: 2TH1QWN6WJ6TFCS9
x-azure-ref-originshield: 0ZnVTYAAAAACMOIzDNoT2SrRma2+HpgH3TE9OMjFFREdFMDIxNQA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0gYRTYAAAAADZAbHQwyYrTbza1qhC1CqhRlJBRURHRTEwMDkAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Thu, 18 Mar 2021 16:49:05 GMT

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 91EC 0
91 B 62ms
59ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://us.my-vps.ml/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://us.my-vps.ml/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.203.0
date: Thu, 18 Mar 2021 16:49:05 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C472 37 KB
14 KB 66ms
66ms Document
text/html 72.247.225.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.32 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-32.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://us.my-vps.ml/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://us.my-vps.ml/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=43214
Expires: Fri, 19 Mar 2021 04:49:19 GMT
Date: Thu, 18 Mar 2021 16:49:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0986 52 KB
17 KB 170ms
53ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://us.my-vps.ml/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://us.my-vps.ml/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 24 Feb 2021 05:50:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 18 Mar 2021 16:49:05 GMT
Age: 39476
X-Served-By: cache-lga21965-LGA, cache-hhn4057-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 3, 624126
X-Timer: S1616086146.606159,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6C60 281 B
554 B 204ms
70ms Document
text/html 104.86.49.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.86.49.58 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://us.my-vps.ml/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://us.my-vps.ml/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "40005-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 18 Mar 2021 16:49:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 7136 2 KB
1 KB 190ms
62ms Document
text/html 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.4.13.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://us.my-vps.ml/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://us.my-vps.ml/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 18 Mar 2021 16:49:05 GMT
Content-Length: 1151
Connection: keep-alive

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame B3CF 8 KB
2 KB 199ms
65ms Document
text/html 52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&usp_consent=1YNY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e20041e585ecf13e76a4a336e8aead2e5054500823ab0680ad8b513df231ce5c

Request headers

:method: GET
:authority: g2.gumgum.com
:scheme: https
:path: /usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

date: Thu, 18 Mar 2021 16:49:05 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_d21ef804-43f7-4495-bf86-4379d65cda59; Domain=.gumgum.com; Expires=Fri, 18-Mar-2022 16:49:05 GMT; Path=/; Secure; SameSite=None
etag: W/"07d9d5147dc8e76a3cf956278d67dbfc5"
timing-allow-origin: *
content-encoding: gzip

GET
H2 204 ps
pixel.33across.com/ Frame 828A 0
0 457ms
154ms Document
text/plain 208.100.17.171
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D9963%26uid%3D33XUSERID33X
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&usp_consent=1YNY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip171.208-100-17.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

:method: GET
:authority: pixel.33across.com
:scheme: https
:path: /ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D9963%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

x-33x-status: 200000000000000002000208
server: 33XP003
date: Thu, 18 Mar 2021 16:48:52 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 40E7 2 KB
818 B 142ms
47ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D7296%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&usp_consent=1YNY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D7296%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

sync
ads.servenobid.com/ Frame 62E1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D8187%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D8187%2526uid%253D%2524UID
https://ads.servenobid.com/sync?pid=312&cbimg=8187&uid=4976781122728260662

0
286 B

66ms
65ms

Image
image/avif

52.17.141.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&cbimg=8187&uid=4976781122728260662
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&usp_consent=1YNY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.141.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-141-216.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Mar 2021 16:49:05 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 16:49:05 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid: 9b0a82f7-82cf-4943-926d-45acab09abef
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&cbimg=8187&uid=4976781122728260662
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 62E1
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D1647%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D1647%26uid%3D%24UID&sovrn_retry=true
https://ads.servenobid.com/sync?pid=310&cbimg=1647&uid=b82630c5ed0a64e90e40d95c

0
289 B

66ms
65ms

Image
image/avif

52.17.141.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&cbimg=1647&uid=b82630c5ed0a64e90e40d95c
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&usp_consent=1YNY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.141.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-141-216.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Mar 2021 16:49:05 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Date: Thu, 18 Mar 2021 16:49:05 GMT
Server: nginx
Location: https://ads.servenobid.com/sync?pid=310&cbimg=1647&uid=b82630c5ed0a64e90e40d95c
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C472 0
75 B 231ms
57ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=85435966&p=159017&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:49:05 GMT
Content-Length: 0

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame E087 54 B
326 B 226ms
99ms Document
text/html 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&d=https://us.my-vps.ml/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Content-Length: 54
Expires: Thu, 18 Mar 2021 16:49:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 18 Mar 2021 16:49:05 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0986 0
745 B 55ms
55ms Script
text/html 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 16:49:05 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.235:80
AN-X-Request-Uuid: c219e771-02a1-4bf9-b6b0-a21548dba7ad
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6C60 31 KB
10 KB 73ms
73ms Script
text/html 104.86.49.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.86.49.58 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1e9ebb5fa98b270e996d6b10365a43fe21ca28476f2bb5df59ba04b5d7ca6a4c

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:49:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59127
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9441
Expires: Fri, 19 Mar 2021 09:14:32 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame B3CF
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=4976781122728260662

35 B
237 B

72ms
71ms

Image
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=4976781122728260662
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:05 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 16:49:05 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.60:80
AN-X-Request-Uuid: 6c3fed26-fab7-47b7-9d68-e0b7eee90e4b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=4976781122728260662
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame B3CF 43 B
146 B 340ms
63ms Image
image/gif 3.126.158.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d21ef804-43f7-4495-bf86-4379d65cda59&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.158.103 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

syncPartner
sync.outbrain.com/ Frame B3CF
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAA...
https://rtb.gumgum.com/usersync?b=obn&i=ENC%288ZqWmJk-Y4hLsjejypppcCgfWO7G05vKZgsAnTx_HGtjEpyII0198_7v8CB0PZBe%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_d21ef804-43f7-4495-bf86-4379d65cda59&obuid=ENC(8ZqWmJk-Y4hLsjejypppcCgfWO7G05vKZgsAnTx_HGtjEpyII0198_7v8CB0PZBe)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51

0
145 B

124ms
123ms

Image
text/plain

70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:49:06 GMT
Cache-Control: no-cache
X-TraceId: 98e6ae183f733f720d202fac3d5c0607
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Date: Thu, 18 Mar 2021 16:49:06 GMT
X-TraceId: 9566300c2810372ff7cb91f8c0eee7e3
Content-Length: 0

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame B3CF 43 B
123 B 62ms
58ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:05 GMT
content-encoding: gzip
server: OXGW/16.203.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame B3CF 43 B
168 B 560ms
136ms Image
image/gif 52.0.219.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.219.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-219-4.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:49:06 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 gumgum
pr-bh.ybp.yahoo.com/sync/ Frame B3CF 43 B
299 B 109ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:05 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

usersync
rtb.gumgum.com/ Frame B3CF
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAA...
https://rtb.gumgum.com/usersync?b=vnt&i=da36ce2f-8809-11eb-8894-fb4ff9ffa6b2

35 B
237 B

71ms
71ms

Image
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=da36ce2f-8809-11eb-8894-fb4ff9ffa6b2
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:06 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=da36ce2f-8809-11eb-8894-fb4ff9ffa6b2
Date: Thu, 18 Mar 2021 16:49:05 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: da36f540-8809-11eb-8894-fb4ff9ffa6b2

GET
H2 204 services
sync.technoratimedia.com/ Frame B3CF 0
293 B 437ms
144ms Image
text/plain 193.122.128.135
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1YNY&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:49:06 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 157090462
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true

GET
H2

200

usersync
rtb.gumgum.com/ Frame B3CF
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d21ef804-43f7-4495-bf86-4379d65cda59&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...

35 B
237 B

68ms
67ms

Image
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:06 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
Pragma: no-cache
Date: Thu, 18 Mar 2021 16:49:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 487
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame B3CF
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5843787935
https://sync.1rx.io/usersync/tradedesk/7b5356b6-fe67-4fbb-a964-98cbaa8dc1bd
https://sync.targeting.unrulymedia.com/csync/RX-b01c2858-25f7-4d0c-bcb4-f0529462334e-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-b01c2858-25f7-4d0c-bcb4-f0529462334e-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-b01c2858-25f7-4d0c-bcb4-f0529462334e-003

35 B
237 B

72ms
71ms

Image
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-b01c2858-25f7-4d0c-bcb4-f0529462334e-003
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:06 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Date: Thu, 18 Mar 2021 16:49:06 GMT
Server: Tengine
ETag: RXb01c285825f74d0cbcb4f0529462334e003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-b01c2858-25f7-4d0c-bcb4-f0529462334e-003
Connection: keep-alive
Content-Type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame B3CF
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=LcXnzofzMND6&ev=1&pid=558355

35 B
237 B

72ms
71ms

Image
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=LcXnzofzMND6&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:49:06 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=LcXnzofzMND6&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-568ff9c7d-9cnfz
expires: -1

GET
H2 200 sync
ads.servenobid.com/ Frame B3CF 0
300 B 67ms
65ms Image
image/avif 52.17.141.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&cd=8253&uid=e_d21ef804-43f7-4495-bf86-4379d65cda59
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.141.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-141-216.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Mar 2021 16:49:05 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 82DD
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...
https://rtb.gumgum.com/usersync?b=mmh&i=902c6053-8481-4100-9b3e-e10ee5ce1a4d&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAA...

35 B
237 B

71ms
71ms

Document
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=902c6053-8481-4100-9b3e-e10ee5ce1a4d&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=902c6053-8481-4100-9b3e-e10ee5ce1a4d&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_d21ef804-43f7-4495-bf86-4379d65cda59
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Thu, 18 Mar 2021 16:49:06 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Thu, 18 Mar 2021 16:49:05 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Cache-Control: no-cache
location: https://rtb.gumgum.com/usersync?b=mmh&i=902c6053-8481-4100-9b3e-e10ee5ce1a4d&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 3611 f10363c master cdg-pixel-x24
Expires: Thu, 18 Mar 2021 16:49:04 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 9152
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAA...
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAA...
https://rtb.gumgum.com/usersync?b=atm&i=YFOEgQAAAInlsCrK&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAA...

35 B
237 B

72ms
72ms

Document
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YFOEgQAAAInlsCrK&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&_test=YFOEgQAAAInlsCrK
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YFOEgQAAAInlsCrK&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&_test=YFOEgQAAAInlsCrK
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_d21ef804-43f7-4495-bf86-4379d65cda59
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Thu, 18 Mar 2021 16:49:06 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YFOEgQAAAInlsCrK&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&_test=YFOEgQAAAInlsCrK
accept-ranges: bytes
date: Thu, 18 Mar 2021 16:49:05 GMT
via: 1.1 varnish
x-served-by: cache-fra19182-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1616086146.999418,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame ECDF 170 B
243 B 70ms
62ms Document
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kMjFlZjgwNC00M2Y3LTQ0OTUtYmY4Ni00Mzc5ZDY1Y2RhNTk=&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV9kMjFlZjgwNC00M2Y3LTQ0OTUtYmY4Ni00Mzc5ZDY1Y2RhNTk=&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUltHPFWvlS__fDg5iMhtnHrWQNxaHjnAMNNlH9jCSz-wnSy2sG0bAwLwOSY-_4; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

content-type: image/png
date: Thu, 18 Mar 2021 16:49:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 399D 8 KB
3 KB 66ms
63ms Document
text/html 72.247.225.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.32 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-32.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://g2.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=159017:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=47715
Expires: Fri, 19 Mar 2021 06:04:20 GMT
Date: Thu, 18 Mar 2021 16:49:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 00FF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAA...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAA...
https://rtb.gumgum.com/usersync?b=ttd&i=7b5356b6-fe67-4fbb-a964-98cbaa8dc1bd&t=1618678146

35 B
237 B

71ms
71ms

Document
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=7b5356b6-fe67-4fbb-a964-98cbaa8dc1bd&t=1618678146
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=ttd&i=7b5356b6-fe67-4fbb-a964-98cbaa8dc1bd&t=1618678146
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_d21ef804-43f7-4495-bf86-4379d65cda59
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Thu, 18 Mar 2021 16:49:06 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Thu, 18 Mar 2021 16:49:06 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=7b5356b6-fe67-4fbb-a964-98cbaa8dc1bd&t=1618678146
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=7b5356b6-fe67-4fbb-a964-98cbaa8dc1bd; domain=.adsrvr.org; expires=Fri, 18-Mar-2022 16:49:06 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwislb6Wj461ORAFOAE.; domain=.adsrvr.org; expires=Fri, 18-Mar-2022 16:49:06 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 011A 0
0 328ms
60ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

content-type: text/html
date: Thu, 18 Mar 2021 16:49:05 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame BF69
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YFOEgsCo8XYAAPYHNoYAAAAA

35 B
237 B

72ms
72ms

Document
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YFOEgsCo8XYAAPYHNoYAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YFOEgsCo8XYAAPYHNoYAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_d21ef804-43f7-4495-bf86-4379d65cda59
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Thu, 18 Mar 2021 16:49:06 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Thu, 18 Mar 2021 16:49:06 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YFOEgsCo8XYAAPYHNoYAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: m-ad64.dc4p.scaleout.jp
X-SO-LB-Hostname: m-tgng18.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":46,"gdpr":true,"ipv4":"0.0.0.0","key":"YFOEgsCo8XYAAPYHNoYAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad64"}
X-SO-Key: YFOEgsCo8XYAAPYHNoYAAAAA
X-SO-IP: 194.99.105.99
X-SO-Cluster-ID: 46
X-SO-Upstream-ID: m-ad64

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 88B1
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1870471593589978445

35 B
237 B

71ms
71ms

Document
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1870471593589978445
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1870471593589978445
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_d21ef804-43f7-4495-bf86-4379d65cda59
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Thu, 18 Mar 2021 16:49:06 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Thu, 18 Mar 2021 16:49:05 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAFslxmtoZmhmYGFmaGJqaWAJALAne2sQAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 12 Apr 2022 16:49:05 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDa1sLQ0tzAxMRXiM9Stcsn0DM8vCfDwTHSS4jU0MzQzsDAzNDG1NLAEAIkzSek0AAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 12 Apr 2022 16:49:05 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDa1sLQ0tzAxMRXiM9Stcsn0DM8vCfDwTHQCAOr1p_YlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1870471593589978445
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 0EAD
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=GtwGPGnvCCECGUbYVvxu&pi=gumgum&tc=1

35 B
237 B

72ms
71ms

Document
image/gif

52.215.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=GtwGPGnvCCECGUbYVvxu&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D8253%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=GtwGPGnvCCECGUbYVvxu&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_d21ef804-43f7-4495-bf86-4379d65cda59
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Thu, 18 Mar 2021 16:49:06 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Thu, 18 Mar 2021 16:49:06 GMT Thu, 18 Mar 2021 16:49:06 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=GtwGPGnvCCECGUbYVvxu&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 6C60 284 B
536 B 315ms
49ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1YNY
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA&us_privacy=1YNY
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/jpg

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6B21 37 KB
14 KB 67ms
67ms Document
text/html 72.247.225.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.32 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-32.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=159017:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=CPBXOHGPBXOpNASABCENBMCgAIAAAMPAAAwIHWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdaNS46l-Ddub65X08aV4ugajXEt1ApAKKF4Wi-ykJXBTsrkI9QQMEEBqAjCiBRiCjFgEAAAIASURAyAHigEQREAgARACpAUgAM0AQWAFgYBAAKAaFgBFAEIkpBkcFVymBgTYtlBPJWAJRd7GGEIZRYAUCj-io60AAA.YAAAAAAAAAAA

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=43214
Expires: Fri, 19 Mar 2021 04:49:19 GMT
Date: Thu, 18 Mar 2021 16:49:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6B21 37 KB
14 KB 69ms
68ms Document
text/html 72.247.225.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.32 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-32.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=43210
Expires: Fri, 19 Mar 2021 04:49:19 GMT
Date: Thu, 18 Mar 2021 16:49:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6B21 0
75 B 57ms
56ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=60976432&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:49:07 GMT
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.cdnst.net
URL: https://b.cdnst.net/fonts/gaugemono-regular-webfont.woff2

Domain: b.cdnst.net
URL: https://b.cdnst.net/fonts/gaugemono-regular-webfont.woff

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.my-vps.ml/	1970-01-20 10:25:58	Name: _ga Value: GA1.2.403436395.1616086142
.my-vps.ml/	1970-01-20 10:25:58	Name: _ga_KKLSRK6J1Z Value: GS1.1.1616086141.1.0.1616086141.60
us.my-vps.ml/	1970-01-19 17:37:58	Name: fu Value: 1
.my-vps.ml/	1970-01-19 16:56:12	Name: _gid Value: GA1.2.2016416427.1616086142
us.my-vps.ml/	1970-01-19 17:37:58	Name: _pbjs_userid_consent_data Value: 3524755945110770

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/159017/2865/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5(Line 1) Message: ZD Core :: Outbound Link Tracking Initialized
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://us.my-vps.ml/
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://us.my-vps.ml/
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://us.my-vps.ml/
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://us.my-vps.ml/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

83885d4b91803ffdce5e27b1aab8ad97.safeframe.googlesyndication.com
acdn.adnxs.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ams.creativecdn.com
analytics.google.com
ap.lijit.com
api.rlcdn.com
b.cdnst.net
b1sync.zemanta.com
bh.contextweb.com
c.amazon-adsystem.com
c.evidon.com
c2shb.ssp.yahoo.com
cdn.ampproject.org
cdn.krxd.net
cdn.static.zdbb.net
cdn.ziffstatic.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
gurgle.zdbb.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image6.pubmatic.com
jogger.zdbb.net
js-sec.indexww.com
match.adsrvr.org
onetag-sys.com
ookla-d.openx.net
p.rfihub.com
pagead2.googlesyndication.com
pixel.33across.com
pr-bh.ybp.yahoo.com
prebid.media.net
public.servenobid.com
rtb.gumgum.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
stags.bluekai.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.bkrtx.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
us-u.openx.net
us.my-vps.ml
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
zdbb.net
zdstatic.speedtest.net
b.cdnst.net
104.107.160.24
104.108.145.8
104.108.41.56
104.85.251.43
104.86.49.58
107.182.22.203
124.146.215.46
13.226.158.204
142.250.185.162
142.250.185.194
151.101.113.108
151.101.13.44
151.101.14.133
151.101.14.49
172.227.98.16
18.156.195.47
18.195.155.181
184.86.103.203
185.184.8.30
185.29.135.190
185.33.220.240
185.64.189.112
185.64.190.78
193.0.160.129
193.122.128.135
198.148.27.140
208.100.17.171
213.19.147.150
213.19.147.151
213.19.162.61
216.52.2.48
23.37.53.17
2620:1ec:46::19
2a00:1288:110:c305::8000
2a00:1450:4001:801::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:400c:c0c::9a
2a04:4e42:1b::731
3.126.158.103
3.227.115.231
34.120.133.55
34.196.207.72
34.246.61.84
35.244.159.8
51.89.9.252
52.0.219.4
52.17.141.216
52.215.241.211
54.171.45.143
54.227.217.126
69.173.144.139
70.42.32.31
72.247.225.32
88.221.221.73
95.100.70.75
02f620f40dd428b49581375041d161ae29cc2bd9ba66b78d8092e54969ef75d6
040176e0235488585ac9d14c7c33276b6eaf30e7f9ada751efa412fa47d36e44
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d23c759f4302ff762012a6ff00cbd124858dd9b387ea06eafa727c5e726fd77
0e99332578950ab9e8706a2315d9e930344eeaad4508f85aa41079b5e301ed8f
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1a53537e14de571320c27235939e4eabba481cbddcb481e90683af387ffb74b4
1e9ebb5fa98b270e996d6b10365a43fe21ca28476f2bb5df59ba04b5d7ca6a4c
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
20befa16cf8d46f47eb1fb02c2a4cd244914e18338e139895c42bcfb8e444233
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2374e5f7df11c2c984c1e35795d1ed678f60b099f4cce5b5450484826f9478cc
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2e0da7b78f6365146f0889b05e139587016e6b5e2e1a8d778dbc3272ad0a6278
301e6923c1e099c35ef751cfecd7ac5d0e2d96787fcef47125d2cd87fdc8585d
303f5a82f06defddccd2fa229a7cc6d69c348ebd5b6bf78815704746af0dc13a
32b0ffbdaf288de753cd11b89e702c4c5c140b7a86037c852ebc341ad99c5f47
32b79f49ad238f7718e7ba9aa4cbb32e74a8a11a8a32dbcfdbfa926228c783f5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3793ff27af81a0646b0eef478fdfeee605a57e04958ce3a8bcd2a584440756a2
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3a6a9f80d8c90e70e888ad70d3ddced62a123f41e4602ebd5d239ba6eb6360f8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
427d3fe34ee483cd0eb45fec24cab02770f49e0b42840379c6c4a52e13019c10
43bbb4f1a4cf81b6a334b78598e1f96defcc45579b65a9c18c5aa2792aeea9f5
43fb4cbe1eed45007d07b4a51a3612a7ccfd49cb1a6be6b0ee3eaa33ce4745d0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46b019ff39ebc25ff6beb67574cfbed22bb8d48c94c87d64d93ed21f003d9e39
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a727b48edffbc1ef902477b4b41eeec35462fa47464d6b7d008e4357cc25b17
4d195a402297509314a9a38df1b8b94f627550aa13fc34aab675a749694e474e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3
4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443
5041288a3722a78831afd1d16008115f9383c91d744f98617dad527688e5812e
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
53ef39c91fa4b4f2d68d15483dcd7a2bc4b089c954e7b5a6808c6560740c887f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bb07c492e9f8bb7b9ef11bc24bc9c8c3c8b1e559b370851834242fe649b7808
6f727fa820b7927b5f3dc20327f7940f16c7d9a2ce75fe841b3ec1cf43d71623
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73d81a855d493cc82256d7146635d1672d04e105eff9ea2c33193abdbd1e2e1b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7c56d4c4164a67dbde0d1bbe9dd5f2b20417bb5835f017bb6aed37ef7127da27
7cf04ae8518545366545a936bdfa8b7fb26d6ff81c46e93af6fcab60c17e1798
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81f5051a7706193e4279d279605188a8af93b633d6255c6bb99007e8bca65c15
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
862eff8a57590f8e85dd621b011f688df35f8efea22f441abedef959721cc979
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
866b18b888426b62b494797777dc3ccf3b285d12c567d20f99d362cc57cc593d
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
86e2edd0e015f395eb77e33fea944acdcf44fa4658b2e7f5ce8cab1c25c96228
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
9f30799e7ea5caddb7b79f074957baeaecccf1a31846993414008331c257d242
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4889ea6c01f2a4bcda9f8fd9b4e8d9bb5f89e74950981fbdf81beafcc460540
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51c2175969551e059e024f78c1a57067d10a206930c85a73d8cd2c16d63b0c9
a563c981090c6d3d324ea4c723505cd226e439f732e71431db560dc3e6fcdf2b
a72e2103d17c4d2bdb42641bd4ef0bc1d229b5358264c2b4f6c7a4e67b220d60
a8226cef6f6e575740ccabe30fe0aaf7f50739f3f48b8baf05d365487546befa
aa7c23d0a953bd724102aae3c34ed81aaedd5f83ca765c059e45fdf8a624ec34
aae36e0135bd89b347e31e575989c25a954a96c797c678610aeaa080694ba8de
abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6
ad0e541744f676604437a82dbb6da707498b427560f66770bbbf1cc9e0871130
afdbb17bf44b6700c1dabde3c6acf10b306029100ac6e2a5ed6dc0f5c760ca9b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b654867cfd3e2947e60767d43391e95f2cf27a1658e5326252671872ac48c9a0
c22819eec511a6d5ecb08ae505defdd52ceb14f7a37e779f611ba8b172349648
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c84df3da6134b827fdad0b268eb63bc0160fecc24be62ad5468204f6d0004573
c85056e73398226f91328e405a0df1f9b26130e75a4caf62959c8da8774d20c8
c8b49f824eb1ee1e5551f731ab53e7390c211cb9d1fbcee7c59b4b95f970f891
c99999dd431afb290cf1504b8ccaf2eb2992fdc59f6bc04e84290772e884743c
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
d19626af7b59219bbf62f95f41403628590340cd66d60185302d18b7e9aaadc0
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d3c3db2b5256d7c5fa7f2502e752ced784853fe0fdd01d8a219bd9e041a579c7
d815893ea34e5805c4cfb5e497b666f690fa80a5153bb757437bf6bfd3abb47c
d89efdf8981f80b996f57d327f748367a5652a50b2137822d893a32860c700b4
d9014aa0e08468c70b6f615d7b6596b1c24081f3bbf10695a7d9c3d7d806ca5d
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dc53af0a954c8356415ab06a057402a1e6525d0922c96477b80d1e58eadb599e
df2d59b23775b45d04ed528164febd07a0e6d1265726a85de577a038d46c7fe9
e20041e585ecf13e76a4a336e8aead2e5054500823ab0680ad8b513df231ce5c
e2637a1f7405dcdec0ef084c945d849b8562c8aa4bb8a798363a393f012f526a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e928fd56eb75f5909d953d76a6ec33742a0e9a8cda68205437fa2786b5386752
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02165b5a4e05eceda936e58979a6f5befb2d879486d62f7c6e43060d5c920cf
f35b2c57ab594885cbb05cbdc88d13a52d267baa14248c2b84e5dcc3064bd004
f3c16a2fc03364a14394cc34a3857526d37d1c0d10a82109aca93e2dfdf1ed88
f4127b23515a02e151673a10ad6c04af1fbe199d4b79a4492b04c1cf5dd536b7
f983d992f18cc6a5024a1fb94062872c8c1c9ddd3d936289cfb01b720a0c03d8
f9ca3e841c0251e019f321d3c625fb2c3e1907ee085146f88424215f48027266

us.my-vps.ml Open in urlscan Pro 107.182.22.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

190 Requests

99 %HTTPS

27 %IPv6

52 Domains

77 Subdomains

57 IPs

7 Countries

2690 kBTransfer

7994 kBSize

5 Cookies

24 Outgoing links

Page URL History

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

us.my-vps.ml Open in urlscan Pro
107.182.22.203 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

99 %
HTTPS

27 %
IPv6

52
Domains

77
Subdomains

57
IPs

7
Countries

2690 kB
Transfer

7994 kB
Size

5
Cookies

190 HTTP transactions
8 data transactions